Mr_J Posted November 18, 2010 Share Posted November 18, 2010 Hi all, 'Hope it is ok to post this here' I have a simple login form and registration that connects to table on database. everything worked and I decided to add md5 to my password to protect it a bit. When I 'Register' the md5 password $_POST to table in DB stay the same. i.e. [username]John [password]123 (md5: 5f77gj8vg2903nj38) and the same for [username]Jill [password]abc (md5: 5f77gj8vg2903nj38) Register.php - Form <form action="registrar.php" method="POST"> <p><label>Username:</label> <input type="text" name="username" style="width:200px;" ></p> <p><label>Password:</label> <input type="password" name="password" style="width:200px;" ></p> <p><label>Email:</label> <input type="text" name="email" style="width:200px;" ></p> <p><input type="submit" value="Register" class="sub_but"> <input class="sub_but" type="reset" value="Reset" ></p> </form> registrar.php - Processor <?php $host="localhost"; $username="username"; $password="password"; $db_name="database"; $tbl_name="members"; // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DATABASE"); $wagwoord = md5("password"); //this is what I added //Collect user information $username = $_POST['username']; $password = (md5($_POST['password']) == $wagwoord); //previous: $password = $_POST['password'] $email = $_POST['email']; //Write to table the user information mysql_query("INSERT INTO members (username, password, email) VALUES ('$username', '$wagwoord', '$email')") //previous $password ?> <html> <head></head> <body> <p>Thank you. Your Registration was Successfull. Please <span class="red">login</span> below.</p> <iframe src="login.php"></iframe> </body> </html> I have a problem to read/get value of the MD5 password as well. I basically used the same method. Any help appreciated Link to comment https://forums.phpfreaks.com/topic/219053-md5/ Share on other sites More sharing options...
Mchl Posted November 18, 2010 Share Posted November 18, 2010 [edit] Gah... too sleepy $wagwoord = md5("password"); //this is what I added should be $wagwoord = md5($_POST['password']); //this is what I added also make sure a field in database is able to store at least 32 characters (that's how long MD5 hashes are) Link to comment https://forums.phpfreaks.com/topic/219053-md5/#findComment-1135970 Share on other sites More sharing options...
Mr_J Posted November 18, 2010 Author Share Posted November 18, 2010 I changed it but now there is NO value for $password in DB... wagwoord = md5($_POST['mypassword']); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=(md5($_POST['mypassword']) == $wagwoord); $myemail=$_POST['myemail']; Link to comment https://forums.phpfreaks.com/topic/219053-md5/#findComment-1135973 Share on other sites More sharing options...
Mchl Posted November 18, 2010 Share Posted November 18, 2010 Did I tell you to use $_POST['mypassword']? I guess not. The field in your form has name="password" so you need to use $_POST['password'] <?php //connct to database... $password = md5($_POST['password']); $username = mysql_real_escape_string($_POST['username']); $email= mysql_real_escape_string($_POST['email']); mysql_query("INSERT INTO members (username, password, email) VALUES ('$username', '$password', '$email')"); Link to comment https://forums.phpfreaks.com/topic/219053-md5/#findComment-1135974 Share on other sites More sharing options...
Mr_J Posted November 18, 2010 Author Share Posted November 18, 2010 Thanks, I got confused where I use 'mypassword' in the Login.php form... Link to comment https://forums.phpfreaks.com/topic/219053-md5/#findComment-1135977 Share on other sites More sharing options...
Mchl Posted November 18, 2010 Share Posted November 18, 2010 No problem. Take special attention to mysql_real_escape_string function. It's there to protect you against SQL injections. Learn how to use it, and use it. Link to comment https://forums.phpfreaks.com/topic/219053-md5/#findComment-1135978 Share on other sites More sharing options...
Mr_J Posted November 19, 2010 Author Share Posted November 19, 2010 Thank you. Will do. ::Peace I am still learning and only started a while ago with mysql... Link to comment https://forums.phpfreaks.com/topic/219053-md5/#findComment-1136506 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.