Jump to content

How does MD5 password encryption work?

A1SURF.us

By A1SURF.us
in PHP Coding Help

 Share

Recommended Posts

A1SURF.us Newbie

A1SURF.us

Posted
Posted

I'm confused  :shrug:

  • How do I get two different login and registration class to share the same Md5?
     
  • Is this line of code all you need to encrypt a login password with md5?

$password = md5($random_password);

 

  • Is there a string of variables like this that need to be similar?

abcdefghijklmnopqrstuvwxyz0123456789


 

 

I tried using this class as a fancy activate your email and create an encrypted password after they register but it's using a different encryption method from a validation class that I think md5 is using.

 

recover and encrypt password class

<h2>Activate your account or reset your password!</h2>
<hr/>
<table  align="center" border="0" cellpadding="30" cellspacing="30">
				<tr>
					<td >
<form style="font-weight:bold;font-size:12px;" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
     What e-mail did you use to sign up with?<br/><br/>
    EMAIL:    <input onclick="this.value='';" type="text" title="Please enter your email address" name="email" value="email@domain.com" size="20"/>
      <button name="button2" style="background-color:#333333;font-size:14px;color:#FFF;font-weight:bold;"/>Submit</button><br/>
</form>
<?php
session_register("session");
$username = $_POST['username'];
// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";
// Convert to simple variables  
$email = $_POST['email'];
if (!isset($_POST['email'])) {
}
elseif (empty($email)) {
    echo $empty_fields_message;
}
else {
$email=mysql_real_escape_string($email);
$status = "OK";
$msg="";
//error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
if (!stristr($email,"@") OR !stristr($email,".")) {
$msg="Your email address is not correct<BR>"; 
$status= "NOTOK";}

echo "";
if($status=="OK"){  $query="SELECT email, username FROM banner_user WHERE banner_user.email = '$email'";
$st=mysql_query($query);
$recs=mysql_num_rows($st);
$row=mysql_fetch_object($st);
$em=$row->email;// email is stored to a variable
if ($recs == 0) {  echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='http://{$_SERVER['HTTP_HOST']}/advertise.php'>Register</a> </center>"; exit;}
function makeRandomPassword() { 
          $salt = "abcdefghijklmnopqrstuvwxyz0123456789"; 
          srand((double)microtime()*1000000);  
          $i = 0; 
          while ($i <= 7) { 
                $num = rand() % 33; 
                $tmp = substr($salt, $num, 1); 
                $pass = $pass . $tmp; 
                $i++; 
          } 
          return $pass; 
    } 
    $random_password = makeRandomPassword(); 
    $password = md5($random_password); 
     
    $sql = mysql_query("UPDATE banner_user SET password='$password'  
                WHERE email='$email'"); 
     
    $subject = "Your password at {$_SERVER['HTTP_HOST']}"; 
    $message = "
    Hello, 
    
    someone has reset your password. 
    

    New Password: $random_password 
     
    http://{$_SERVER['HTTP_HOST']}
    Once logged in you can change your password to something more familiar or just keep the randomly generated one for more security.
     
    Thanks! 
    Site admin 
     
    This is an automated response, please do not reply!"; 
     
    mail($email, $subject, $message, "From: Webmaster <no-reply@no-reply.com>\n 
        X-Mailer: PHP/" . phpversion()); 
    echo "Your password has been sent! Please check your email!<br />"; 
    echo "<br><br>Click <a href='http://{$_SERVER['HTTP_HOST']}/admin'>here</a> to login";
} 
else {echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";}
}
?>

 

 

How do I get this class to use the same md5 encryption?

 

 

(I think)

This is the validation class that the login script uses to validate passwords and users.

<?php
error_reporting(E_ALL);

function validate_insert($string)
{
return addslashes($string);
}

function validate_print($string)
{
return stripslashes($string);
}

function validate_print_form($string, $charset = 'UTF-8')
{
return htmlspecialchars(stripslashes($string), ENT_QUOTES, $charset);
}

function validate_print_javascript($string, $charset = 'UTF-8')
{
return htmlspecialchars($string, ENT_QUOTES, $charset);
}

function check_time($string)
{
if(preg_match('/^(([0-1]?[0-9])|([2][0-3]))[0-5]?[0-9])([0-5]?[0-9]))?$/', $string))
	return true;
else
	return false;
}

function check_int($string)
{
if(preg_match('/^[0-9]{1,}$/', $string))
	return true;
else
	return false;
}

function check_email($string)
{
// RegEx created by Myle Ott, found at regexlib.com
if(preg_match('/^([a-zA-Z0-9_\-])+(\.([a-zA-Z0-9_\-])+)*@((\[(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5])))\.(((([0-1])?([0-9])?[0-9])|(2[0-4][0-9])|(2[0-5][0-5]))\]))|((([a-zA-Z0-9])+(([\-])+([a-zA-Z0-9])+)*\.)+([a-zA-Z])+(([\-])+([a-zA-Z0-9])+)*))$/i', $string))
	return true;
else
	return false;
}

/**
* Formatiert eine Nummer nach der englischen, deutschen oder französischen Schreibweise
*
* @param float $number
* @param int $deci
* @return Formatierte Rueckgabe der Nummer
*/

function format_number($number, $deci = 0)
{
if(isset($number))
{
	if(_BannerAdManagement_NumberFormat == 'german')
		return number_format($number, $deci, ',', '.');
	elseif(_BannerAdManagement_NumberFormat == 'english')
		return number_format($number, $deci, '.', ',');
	elseif(_BannerAdManagement_NumberFormat == 'french')
		return number_format($number, $deci, ',', ' ');
	else
		return false;
}
else
	return false;
}
?>

 

(This class could be for the website stats only)

 

I'm not rich yet!

I think I need an advanced PHP coder who does side jobs and will take an I.O.U then cash later on. They need to be able to solve problems like the ones I'm having above. I will sign a paper, a  legal court document, that you can use as proof that says you did work for me and my websites. I don't think the amount of time spent will even total a complete hour for problems like this one that I need solved, for advanced coders. Like I said I just need minor coding help. And I think this post is a good example of stuff that I need help with. Nothing major. Nothing fancy. Just simple modifications to preexisting open source PHP frameworks and class's that I want to integrate into my websites.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.