Jump to content

MD5 Password from Plain text

darrenwindle

By darrenwindle
in PHP Coding Help

 Share

Recommended Posts

darrenwindle Newbie

darrenwindle

Posted
Posted

Ok heres the deal. Im implementing a new section to my website. However the new section has its own login system. I have a login system on the current website that uses plain text passwords instead of md5.

Now what i need is the password from the original register.php file and validformregister to be copied as plain text to the main database and also then encoded to md5 into the other database. I dont know how this would be done. Also I dont want to go changing the original database to md5 as there is over 1000 users on the system and dont want to have them all re register. Im doing this so it makes registering on both systems easy and only use 1 form. The code for both is below.

 

register.php

 


<?php
session_start();
$page_title = 'Register';
include("includes/header.php");?>
   <!--main Nav-->
      <?php include('includes/mainNav.php'); ?>
    <!--Section Title-->
    <h1><?php echo $page_title; ?></h1>
<!--primary Content-->
<div id="primaryContent">
   <!--Login-->
<?php include('includes/login.php'); ?>
<br /><hr />
      <br />
<h2><span class="RedGbColor">Subscribe Now</span></h2>
      <p>
        Register here and create your profile and to attend an event of your choice (link please).<br />
    </div>
    <!--Main Content-->
    <div id="mainContent">
<?php
$username = $_SESSION['cre_email'];
$idg = $_GET['id'];
$ids = $idg;
$_SESSION['id'] = $ids;
//grabs the variables
$title = $_POST["title"];
$gender = $_POST["gender"];
$fname = $_POST["fname"];
$lname = $_POST["lname"];
$mobile = $_POST["mobile"];
$usname = $_POST["usname"];
$email = $_POST["email"];
$password = $_POST["password"];
$cpassword = $_POST["cpassword"];
$add1 = $_POST["add1"];
$add2 = $_POST["add2"];
$add3 = $_POST["add3"];
$add4 = $_POST["add4"];
$pcode = $_POST["pcode"];
$dd = $_POST["day"];
$mm = $_POST["month"];
$yyyy = $_POST["year"];
$news = $_POST["newsopt"];
$market = $_POST["market"];
$today = date(mdY);
$tmp = explode(':', $title);
$cust_gender = $tmp[0];
$cust_title = $tmp[1];
$male_status = $_POST['male_status'];
$female_status = $_POST['female_status'];
//debug info
//error_reporting(E_ALL);
//print_r($_GET);
//print_r($_POST);
//print_r($_SESSION);
if ($_SESSION['loggedin'] == 1)
{
// logged in
echo "<script language=\"JavaScript\">window.location='index.php'</script>";
exit();
}
else
{
$month = array(
array("01","Jan"),
array("02","Feb"),
array("03","Mar"),
array("04","Apr"),
array("05","May"),
array("06","Jun"),
array("07","Jul"),
array("08","Aug"),
array("09","Sep"),
array("10","Oct"),
array("11","Nov"),
array("12","Dec")
);
echo ("
  <h2><span class=\"RedGbColor\">Please take a few minutes to register.</span></h2>
   <div id=\"form1\">
<form action=\"validFormRegister.php?id=$idg\" method=\"post\" enctype=\"multipart/form-data\">
<table width=\"380\">
<tr class=\"formText\">
<td width=\"152\" valign='bottom' style='padding-top:4px;'><label class=\"small\" for='gender'>Gender:</label><em>*</em></td>
<td width=\"222\" class='small' style='padding-top:4px;'><input type='radio' name='gender' value='m' $male_status tabindex=\"1\">male
  <input type='radio' name='gender' value='f' $female_status>female
</td>
</tr>
<tr class=\"formText\">
<td>
<label class=\"small\" for='fname'>First Name:</label><em>*</em></td>
<td><input name=\"fname\" size=\"30\" tabindex=\"2\" maxlength=\"30\" class=\"txtbx\" value=\"$fname\" /></td>
</tr>
<tr class=\"formText\">
<td>
<label class=\"small\" for='lname'>Last Name:</label><em>*</em></td><td><input name=\"lname\" value='$lname' size=\"30\" maxlength=\"30\" tabindex=\"3\" class=\"txtbx\" />
</td>
<tr>
<td height=\"29\" colspan=\"2\"><hr /></td>
</tr>
<tr class=\"formText\">
<td>
<label class=\"small\" for='mobile'>Mobile/Phone:</label><em>*</em></td><td><input name=\"mobile\" value='$mobile' size=\"12\" tabindex=\"4\" maxlength=\"12\" class=\"txtbx\" /></td>
</tr>
<tr class=\"formText\">
<td>
<label class=\"small\" for='usname'>Username:</label><em>*</em></td><td><input name=\"usname\" value='$mobile' size=\"12\" tabindex=\"6\" maxlength=\"25\" class=\"txtbx\" />
<a href=\"javascript:alert('This is the username that you can login to the Dating website. This username will not work on the speed dating site. This username is not neccassary. But will improve your overall experience.')\"><small>HELP</small></a>
</td>
</tr>
<tr class=\"formText\">
<td>
<label class=\"small\" for=\"email\">Email Address:</label><em>*</em>
</td>
<td><input name=\"email\" size=\"25\" tabindex=\"5\" value='$email' maxlength=\"100\" class=\"txtbx\" />
</td>
</tr>
<tr class=\"formText\">
<td><label class=\"small\" for=\"password\">Password:</label><em>*</em></td><td><input type=\"password\" name=\"password\" size=\"12\" maxlength=\"14\" tabindex=\"6\" class=\"txtbx\"> <a href=\"javascript:alert('Your password must be between 4 and 14 characters long.')\"><small>HELP</small></a>
</td>
</tr>
<tr class=\"formText\">
<td><label class=\"small\" for=\"cpassword\">Confirm Password:</label><em>*</em></td><td><input type=\"password\" name=\"cpassword\" size=\"12\" maxlength=\"14\" tabindex=\"7\" class=\"txtbx\"> <a href=\"javascript:alert('Your password must be between 4 and 14 characters long.')\"><small>HELP</small></a>
</td>
</tr>
<tr>
<td height=\"29\" colspan=\"2\"><hr /></td>
</tr>
<tr class=\"formText\">
<td><label class=\"small\" for=\"add1\">House Name:</label> </td>
<td><input name=\"add1\" type=\"text\" tabindex=\"8\" class=\"txtbx\" value='$add1' /></td>
</tr>
<tr class=\"formText\">
<td><label class=\"small\" for=\"add2\">Street Address:</label> </td>
<td><input name=\"add2\" type=\"text\" tabindex=\"9\" class=\"txtbx\" value='$add2' /></td>
</tr>
<tr class=\"formText\">
<td><label class=\"small\" for=\"add3\">Town:</label> </td>
<td><input name=\"add3\" type=\"text\" tabindex=\"10\"  class=\"txtbx\" value='$add3' /></td>
</tr>
<tr class=\"formText\">
<td><label class=\"small\" for=\"add4\">County:</label> </td>
<td><input name=\"add4\" type=\"text\" tabindex=\"11\" class=\"txtbx\" value='$add4' /></td>
</tr>
<tr class=\"formText\">
<td><label class=\"small\" for=\"pcode\">Post Code:</label> </td>
<td><input name=\"pcode\" type=\"text\" tabindex=\"12\" class=\"txtbx\" value='$pcode' /></td>
</tr>
<tr>
<td height=\"29\" colspan=\"2\"><hr /></td>
</tr>
<tr class=\"formText\">
<td><label class=\"small\" for=\"market\">How did you hear of us?</label> </td>
<td><select name=\"market\" id=\"market\" tabindex=\"13\">
<option value='$market' selected>$market</option>
<option value='internet'>Internet search</option>
<option value='friend'>Friend recommended</option>
<option value='dating site'>Dating site</option>
<option value='Gay press'>Gay press</option>
<option value='Time Out'>Time Out</option>
<option value='Flyer'>Flyer</option>
<option value='previous customer'>Previous attendance</option>
<option value='other'>Other</option>
</select></td>
<td> </td>
</tr>
<tr class=\"formText\"><td><label class=\"small\" for=\"day\">Date </label><label class=\"small\" for=\"Month\"> of </label><label class=\"small\" for=\"Year\"> Birth:</label></td>
<td>
<select name=\"day\" id=\"day\" tabindex=\"14\">
<option value='$dd'>$dd</option>
");
for($i=1; $i<32; $i++)
{
  echo "<option value=\"".$i."\">".$i."\n</option>";
}
echo ("
</select>
<select name=\"month\" id=\"month\" tabindex=\"15\">
<option value='$mm'>$mm</option>
");
for($i=0; $i<12; $i++)
{
  echo "<option value=\"".$month[$i][0]."\">".$month[$i][1]."\n</option>";
}
echo ("
</select>
<select name=\"year\" id=\"year\" tabindex=\"16\">
<option value='$yyyy'>$yyyy</option>
");
for($i=1912; $i<1993; $i++)
{
  echo "<option value=\"".$i."\">".$i."\n</option>";
}
echo ("
</select>
</td>
<td> </td>
</tr>
<tr class=\"formText\">
  <td><label for=\"photo\">Upload a photo</label></td>
  <td><input name=\"photo\" type=\"file\" tabindex=\"17\"></td>
  <tr>
  <td></td>
  <td>MAX FILE SIZE : 0.5MB <a href=\"javascript:alert('Please upload a photo of yourself. Optimum size is 640 pixels wide by 480 pixels high. Maximum file size of 0.5mb.')\"><small>HELP</small></a><br /><br />
</td>
<tr class=\"formText\">
<td><label for=\"newsopt\">I wish to receive newsletters</label>
</td>
<td>
<input name=\"newsopt\" type=\"checkbox\" tabindex=\"18\" id=\"newsOpt\" value='1' checked /> 
</td>
<td> </td>
</tr>
<tr>
<td> </td>
<td>
<input type=\"submit\"  tabindex=\"19\" value=\"Continue\" class=\"btn_sm_left\" id=\"submitBtn\" onclick='this.disabled=true;this.value=\"Please Wait\";document.forms[1].submit();' style='width:120px;'/> 
<input type=\"reset\" value=\"Reset\"  class=\"btn_sm_left\" /></td>
<td> </td>
</tr>
</table> 
</form>
<p class='pink2'><strong>Note</strong>: Fields marked with an <em>asterix (*)</em> are required.</p>
");
}
?>    
</div>
</div>
    <!--primary Content-->
   
    <!--Footer-->
<?php include('includes/footer.php'); ?>
  </div>
</div>
</body>
</html>

 

 

validFormRegister

 


<?php
session_start();
$page_title = 'Booking an event';
//grab variables
$gender = $_POST["gender"];
$fname = $_POST["fname"];
$lname = $_POST["lname"];
$mobile = $_POST["mobile"];
$email = strtolower($_POST["email"]);
$password = $_POST["password"];
$cpassword = $_POST["cpassword"];
$add1 = $_POST["add1"];
$add2 = $_POST["add2"];
$add3 = $_POST["add3"];
$add4 = $_POST["add4"];
$pcode = $_POST["pcode"];
$dd = $_POST["day"];
$mm = $_POST["month"];
$yyyy = $_POST["year"];
$news = $_POST["newsopt"];
$today = date('Y-m-d H:i:s');
$cust_gender = $gender;
$username = $_POST["email"];
$id = $_GET["id"];
//error_reporting(E_ALL);
$error = array(); 
include("dbconn2.php");
include("functions.php");
$query1 = "SELECT cre_email from ".pd_credentials." where cre_email = '$email'";
$result1 = mysql_query($query1);
$row = mysql_fetch_array($result1);
if($row['cre_email'] == $email)
{
if($row['cre_email'] <> '')
  {   
    $error[7] = "<li>supplied email address already exists</li><br /> - <li>please telephone if you have forgotten your password or click here to have your password emailed to your registered email address <form action='/pwreminder.php?id=$id' method='post'><input type='hidden' name='email' value='$email' /><input type='submit' name='submit' value='Email me' /></form></li>";   
  }  
}
echo mysql_error();
mysql_close();
list($user, $mailDomain) = split("@", $email); 
if (checkdnsrr($mailDomain, "MX")) 
{ 
$msg = 1;
} 
if(!isset($_POST['gender']))   
{ 
  $error[0] = "<li>Please supply your gender</li>"; 
}
if(strlen($_POST['fname']) > "30" || strlen($_POST['fname']) < "1" || trim($_POST['fname']) == '') 
{ 
  $error[1] = "<li>Please supply your first name.</li>"; 
}
if(strlen($_POST['lname']) > "30" || strlen($_POST['lname']) < "1" || trim($_POST['lname']) == '') 
{ 
  $error[2] = "<li>Please supply your last name</li>"; 
} 
if(preg_match('/^[\(\. ]?\d{4}[\)\. -]*\d{1}[\. -]*\d{6}$/', $_POST['mobile']) === 0)
{
  $error[3] = "<li>Please check you have entered a valid mobile number</li>";
} 

if(trim($_POST['password']) != trim($_POST['cpassword']))
{ 
  $error[5] = "<li>supplied passwords do not match</li>"; 
}
if(strlen($_POST['password']) < "4" || strlen($_POST['password']) > "14" || trim($_POST['password']) == '') 
{ 
  $error[6] = "<li>Your password was not 4 - 14 characters long</li>"; 
} 
if(strlen($_POST['day']) > "1" || strlen($_POST['month']) > "1" || strlen($_POST['year']) > "1")
{
if(checkdate($mm , $dd , $yyyy) != "false")
{
  $error[9] = "<li>Please check your date of birth</li>"; 
} 
}
if ($_FILES['photo']['type']<>"" && $_FILES['photo']['type'] <> "image/jpg" && $_FILES['photo']['type'] <> "image/jpeg" && $_FILES['photo']['type'] <> "image/pjpeg") 
{
$error[10] = "<li>Invalid photo type. JPG only.</li>"; 
}
// Enter the maximum file size in bytes (1 MB)
$max_size = 524288;
if (($_FILES['photo']['size'] > $max_size || $_FILES['photo']['size']==0) && ($_FILES['photo']['name']<>"")) { 
$error[11] = "<li>Invalid photo size. Limit 0.5mb max.</li>";
} 

if(count($error) < 1) 
{
  $_SESSION['loggedin'] = 1;
  $_SESSION['cre_email'] = $username;
  
  if(($yyyy<>"" )&&($mm<>"")&&($dd<>""))
  {
    $dob = "'".$yyyy."/".$mm."/".$dd."'";
  }
  else
  {
    $dob = "null";
  }
  
  $today = mysql_escape_string(trim($today));
  $cust_gender = mysql_escape_string(trim($_POST['gender']));
  $fname = mysql_escape_string(trim($_POST['fname']));
  $lname = mysql_escape_string(trim($_POST['lname']));
  $mobile = mysql_escape_string(trim($_POST['mobile']));
  $email = mysql_escape_string(trim($_POST['email']));
  $password = mysql_escape_string(trim($_POST['password']));
  $add1 = mysql_escape_string(trim($_POST['add1']));
  $add2 = mysql_escape_string(trim($_POST['add2']));
  $add3 = mysql_escape_string(trim($_POST['add3']));
  $add4 = mysql_escape_string(trim($_POST['add4']));
  $pcode = mysql_escape_string(trim($_POST['pcode']));
  $news = mysql_escape_string(trim($_POST['newsopt']));
  $market = mysql_escape_string(trim($_POST['market']));
  
  include("dbconn2.php");
  $query1 = "SELECT MAX(cust_id) as id FROM pd_customers"; 
  
  $result1 = mysql_query($query1);
  while($row = mysql_fetch_array($result1))
  {
    $newID = $row['id'] + 1;
  }
  $_SESSION["cust_id"] = $newID;
  $hasphoto = 0;
  $url = $_FILES['photo']['name'];
  if($url<>"") {$hasphoto = 1;}
  
  include("dbconn2.php");
  $addcust = MYSQL_QUERY("INSERT INTO pd_customers (cust_id,cust_email,cust_surname,cust_title,cust_first_names,cust_mobile,cust_gender,cust_dob,cust_line_1,cust_line_2,cust_line_3,cust_line_4,cust_post_code,cust_country,cust_landline,cust_news,cust_contact, photo)". "VALUES ('$newID', '$email', '$lname', '', '$fname', '$mobile', '$cust_gender', $dob, '$add1', '$add2', '$add3', '$add4', '$pcode', '', '', '$news', '$market', $hasphoto)");
  echo(mysql_error());
  mysql_close();
  
  include("dbconn2.php");
  $addlog = MYSQL_QUERY("INSERT INTO pd_credentials (cre_email,cre_cust_id,cre_password,cre_activated,cre_last_login,cre_disabled,cre_role)". "VALUES ('$email', $newID, '$password', '$today', '$today', '0', 'user')");
  echo(mysql_error());
  mysql_close();
  
  //success...
  //now upload the image if it exists
  $msg = "
  NEW MEMBER @PINKDATE
  <br/>
  <br/>
  A new member has signed up at PinkDate.
  <br/><br/>
  Name: $fname $lname
  <br/><br/>
  ";
  
  
  if($hasphoto==1)
  {
    $msg.="This member has uploaded a new photo. Login then <a href='http://www.pinkdate.co.uk/adminupdc.php?email=$email'/>click here</a> to view and approve it.<br/><br/>";
    
    $idir = realpath("./photos/");   // Path To Images Directory 
    $tdir = realpath("./photos/thumbs/");   // Path To Thumbnails Directory 
    $twidth = "100";   // Maximum Width For Thumbnail Images 
    $theight = "125";   // Maximum Height For Thumbnail Images 
    
    $file_ext = strrchr($_FILES['photo']['name'], '.');   // Get The File Extention In The Format Of , For Instance, .jpg, .gif or .php 
    $copy = copy($_FILES['photo']['tmp_name'], "/home3/dummydre/public_html/pinkdate/photos/photo$newID.jpg");   // Move Image From Temporary Location To Permanent Location 
  
    if ($copy) 
    {   // If The Script Was Able To Copy The Image To It's Permanent Location 
      $simg = imagecreatefromjpeg("/home3/dummydre/public_html/pinkdate/photos/photo$newID.jpg");   // Make A New Temporary Image To Create The Thumbanil From 
      $currwidth = imagesx($simg);   // Current Image Width 
      $currheight = imagesy($simg);   // Current Image Height 
      if ($currheight > $currwidth) 
      {   // If Height Is Greater Than Width 
        $zoom = $twidth / $currheight;   // Length Ratio For Width 
        $newheight = $theight;   // Height Is Equal To Max Height 
        $newwidth = $currwidth * $zoom;   // Creates The New Width 
      } 
      else 
      {    // Otherwise, Assume Width Is Greater Than Height (Will Produce Same Result If Width Is Equal To Height) 
        $zoom = $twidth / $currwidth;   // Length Ratio For Height 
        $newwidth = $twidth;   // Width Is Equal To Max Width 
        $newheight = $currheight * $zoom;   // Creates The New Height 
      } 
      $dimg = imagecreate($newwidth, $newheight);   // Make New Image For Thumbnail 
      imagetruecolortopalette($simg, false, 256);   // Create New Color Pallete 
      $palsize = ImageColorsTotal($simg); 
      for ($i = 0; $i < $palsize; $i++) {   // Counting Colors In The Image 
        $colors = ImageColorsForIndex($simg, $i);   // Number Of Colors Used 
        ImageColorAllocate($dimg, $colors['red'], $colors['green'], $colors['blue']);   // Tell The Server What Colors This Image Will Use 
      } 
      imagecopyresized($dimg, $simg, 0, 0, 0, 0, $newwidth, $newheight, $currwidth, $currheight);   // Copy Resized Image To The New Image (So We Can Save It) 
      imagejpeg($dimg, "/home/www/pinkdate/photos/thumbs/photo$newID.jpg");   // Saving The Image 
      imagedestroy($simg);   // Destroying The Temporary Image 
      imagedestroy($dimg);   // Destroying The Other Temporary Image 
    } else { 
      print '<font color="#FF0000">ERROR: Unable to upload image.</font>';   // Error Message If Upload Failed 
    } 
  }
  $message = "
  <p>Hi $fname</p>
  <p>Thank you for joining Pinkdate</p>
  <p>Your user name is your email address<strong>
  ";
  $message .= $email;
  $message .= "</strong></p>";
  $message .= "<p>Your password is <strong>";
  $message .= $password;
  $message .= "</strong></p><br />";
  $message .= "<p><font size=\"-2\">You can change your details in My Account after you have logged in. If there are any problems please";
  $message .= " do not hesitate to get in touch on 08444 930615.";
  include("email.php");
  sendEmail($email, "Your PinkDate Membership", $message);
  
  $msg.= "To view the members details, <a href='http://www.pinkdate.co.uk/adminupdc.php?email=$email'/>click here</a>.<br/><br/>";
  sendEmail("[email]bookings@pinkdate.co.uk[/email]", "New PinkDate Membership", $msg);
  echo "<script language=\"JavaScript\">window.location='pd_register-confo.php'</script>";
} 

include("includes/header.php");?>
   <!--main Nav-->
      <?php include('includes/mainNav.php'); ?>
    <!--Section Title-->
    <h1><?php echo $page_title; ?></h1>
<!--primary Content-->
    <div id="primaryContent">
      <h2><span class="RedGbColor">Subscribe Now</span></h2>
      <p><br />
        Register here and create your profile and to attend an event of your choice (link please).<br />
      </p>
    </div>
    <!--Main Content-->
    <div id="mainContent">
<?php 

if(count($error) > 0) 
{ 
  echo ("Sorry $fname $lname there seems to be some sort of problem with your Data Input.<br />Please correct the errors listed below.<br />
  <ul>" . $error[0] . "" . $error[1] . "" . $error[2] . "" . $error[3] . "" . $error[4] . "" . $error[5] . "" . $error[6] . "" . $error[7] . "" . $error[8] . "" . $error[9] . "" . $error[10] . "" . $error[11] . "</ul></div>"); 
  // this will print the errors that occurred
  
  $male_status = 'unchecked';
  $female_status = 'unchecked';
  $selected_radio = $_POST['gender'];
  
  if ($selected_radio == 'm')
   {
    $male_status = 'checked';
  }
  else if ($selected_radio == 'f') 
  {
    $female_status = 'checked';
  }
  
   
  echo ("
  <div id='middlerightpad'>
  <form action='register.php?id=$id' method='post'>
  <input type='hidden' name='male_status' value='$male_status' />
  <input type='hidden' name='female_status' value='$female_status' />
  <input type='hidden' name='fname' value='$fname' />
  <input type='hidden' name='lname' value='$lname' />
  <input type='hidden' name='mobile' value='$mobile' />
  <input type='hidden' name='email' value='$email' />
  <input type='hidden' name='password' value='$password' />
  <input type='hidden' name='cpassword' value='$cpassword' />
  <input type='hidden' name='add1' value='$add1' />
  <input type='hidden' name='add2' value='$add2' />
  <input type='hidden' name='add3' value='$add3' />
  <input type='hidden' name='add4' value='$add4' />
  <input type='hidden' name='pcode' value='$pcode' />
  <input type='hidden' name='day' value='$dd' />
  <input type='hidden' name='month' value='$mm' />
  <input type='hidden' name='year' value='$yyyy' />
  <input type='hidden' name='newsopt' value='$news' />
  <label for='submit' class='pinkSH'>Go back to Booking</label>
  <input type='submit' name='submit' value='Booking' class='btn_sm' /> 
  </form>
  ");
}

?>
    </div>
    <!--primary Content-->
    <div id="primaryContent">
   
    </div>
    <!--Footer-->
<?php include('includes/footer.php'); ?>
  </div>
</div>
</body>
</html>

 

Thanks in advance.

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted
dont want to have them all re register.

 

What makes you think they would need to re-register? All you would need to do is alter your table to add a column to hold the md5 hash values, populate the new column by hashing the existing plain text passwords (can be done using ONE single update query, without a where clause, to update all rows at once), then switch the code to use the md5 hashed values instead of the plain text values. Then you can drop the existing plain text column from your table. As always, make a backup of your database and confirm during each step that the result you got was correct.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.