Jump to content

Sha1 hasing


Hydrian

Recommended Posts

I have a system for users to register and login. I want to change the normal showing passwords to sha1 hashed passwords. Can you help me by telling me what line  would i put the sha1

 

<? 
include_once"config.php";
if(isset($_POST['register'])){
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$memip = $_SERVER['REMOTE_ADDR'];
$date = date("d-m-Y");
if($username == NULL OR $password == NULL OR $email == NULL){
$final_report.= "Please complete the form below..";
}else{
if(strlen($username) <= 7 || strlen($username) >= 30){
$final_report.="Your username must be between 7 and 30 characters..";
}else{
$check_members = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'");   
if(mysql_num_rows($check_members) != 0){
$final_report.="The username is already in use!";  
}else{ 
if(strlen($password) <= 6 || strlen($password) >= 30){
$final_report.="Your password must be between 6 and 30 digits and characters..";
}else{
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)){ 
$final_report.="Your email address was not valid..";
}else{
$create_member = mysql_query("INSERT INTO `members` (`id`,`username`, `password`, `email`, `ip`, `date`) 
VALUES('','$username','$password','$email','$memip','$date')"); 
$final_report.="Thank you for registering, you may now login."; 
}}}}}}
?>

Link to comment
Share on other sites

SHA1 is not secure for password storage. It is a general purpose hashing algorithm used for things like checking file integrity.

 

Also, it makes no sense at all to limit the max password length if you are hashing it. It will always come out to be the same size regardless of the input size.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.