Jump to content


Photo

Retrieve from MySQL a previously encripted string


  • Please log in to reply
6 replies to this topic

#1 ruano84

ruano84
  • Members
  • PipPip
  • Member
  • 19 posts
  • LocationVenezuela

Posted 18 October 2006 - 10:35 PM

Hi,

I am writing an user/password validator in PHP and MySQL. I am using the function crypt() to encrypt the passwords, store them in a table, and then when the users introduce their password, retrieve the stored one and compare them. This is the code to crypt and insert the password:

$name="a name";
$password=crypt("a password");
$dbh=mysql_connect ("localhost", "user");
mysql_select_db ("DataBase");
mysql_query("INSERT INTO atable (name,password) values ('$name','$password')");

And this one is for retrieve it:

$dbh=mysql_connect ("localhost", "user");
mysql_select_db ("DataBase");
$res=mysql_query("SELECT * FROM usuarios WHERE name='a name' ");
$row=mysql_fetch_row($res);
$password=crypt("a password",$row[1]);
if($password==$row[1]) echo "yes";
if($password!=$row[1]) echo "no";

For some reason, the hash of the 2nd call to the crypt function is not returning the original, so echoes "no". What could be wrong?

Thanks,
Alexis RR
Alexis RR

#2 btherl

btherl
  • Staff Alumni
  • Advanced Member
  • 3,893 posts
  • LocationAustralia

Posted 19 October 2006 - 02:53 AM

Hmm, no I am wrong.  Ignore that :)  I must think before typing..

#3 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 19 October 2006 - 03:05 AM

why not use md5($password) just asking.
Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#4 btherl

btherl
  • Staff Alumni
  • Advanced Member
  • 3,893 posts
  • LocationAustralia

Posted 19 October 2006 - 03:13 AM

Are you sure that $row[1] is actually the password?  Try printing out the values of $row[1], and also print out the result of that crypt() call.

#5 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 19 October 2006 - 04:03 AM

Heres a quick md5 example ok

save  as a.php
<?php

$password="redarrow";

if(isset($_POST['submit'])){

if($pass==$password){

echo "Hello $name <br> This is your password in md5 format 
".md5($password)." ";

}else{

echo "Sorry $name wrong password <a href='a.php'>Try Agin</a>";
exit;
}
 }
?>


<form method="POST" action="a.php"> 
<br>
Your name please
<br>
<input type="text" name="name">
<br>
Your password please
<br>
<input type="password" name="pass">
<br>
<br>
<input type="submit" name="submit" value="send">

</form>

Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#6 ruano84

ruano84
  • Members
  • PipPip
  • Member
  • 19 posts
  • LocationVenezuela

Posted 19 October 2006 - 12:01 PM

Hi, Thanks for answering,

The md5() function does the same thing. I think it's a problem with MySQL, but i really don't know what's the problem.

Alexis RR
Alexis RR

#7 ruano84

ruano84
  • Members
  • PipPip
  • Member
  • 19 posts
  • LocationVenezuela

Posted 19 October 2006 - 12:50 PM

Hi,

I saw all the code and realize that there was a programming error from me. I was hashing the password 2 times inside a validation process.

Thanks for everything
Alexis RR




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users