webguync Posted November 22, 2010 Share Posted November 22, 2010 what would be the correct way to add an MD5 has to the following POST code? $_POST['pass'] = mysql_real_escape_string($_POST ['pass']); '".$_POST ['pass']."', thanks in advance! Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted November 22, 2010 Share Posted November 22, 2010 What do you mean by "add" it? Quote Link to comment Share on other sites More sharing options...
webguync Posted November 22, 2010 Author Share Posted November 22, 2010 I am trying to get the posted Password info to appear as an MD5 hash when inserted into the DB. I tried this, but get a syntax error. $_POST['pass'] = mysql_real_escape_string($_POST MD5( ['pass'])); '".$_POST MD5(['pass'])."', Quote Link to comment Share on other sites More sharing options...
jim_keller Posted November 22, 2010 Share Posted November 22, 2010 $_POST['pass'] = md5($_POST['pass']); you don't need mysql_real_escape_string since MD5 will always return alphanumeric characters. Quote Link to comment Share on other sites More sharing options...
Minimeallolla Posted November 22, 2010 Share Posted November 22, 2010 well since it is going into the database you might wanna just incase. Quote Link to comment Share on other sites More sharing options...
revraz Posted November 22, 2010 Share Posted November 22, 2010 No need if it's being hashed. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted November 22, 2010 Share Posted November 22, 2010 well since it is going into the database you might wanna just incase. As already stated, there is no need to do so, and it can actually be problematic to escape data that will be hashed. Here's why: include('db_conn.php'); $string = "This \string\ is Bob's."; echo md5($string) . " Hash of: $string"; echo '<br>' . md5(mysqli_real_escape_string($dbc, $string)) . " Hash of: " . mysqli_real_escape_string($dbc, $string); The above returns this result. Make note that the hashed values do not match because the escaped string is different from the original. Hash: 58d026576a486ce984336c666a941e0a $string: This \string\ is Bob's. Hash: ad29428d5e650e5fa47d03f8ff21222a Escaped $string: This \\string\\ is Bob\'s. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.