Hydrian Posted September 1, 2012 Share Posted September 1, 2012 I have a system for users to register and login. I want to change the normal showing passwords to sha1 hashed passwords. Can you help me by telling me what line would i put the sha1 <? include_once"config.php"; if(isset($_POST['register'])){ $username = $_POST['username']; $password = $_POST['password']; $email = $_POST['email']; $memip = $_SERVER['REMOTE_ADDR']; $date = date("d-m-Y"); if($username == NULL OR $password == NULL OR $email == NULL){ $final_report.= "Please complete the form below.."; }else{ if(strlen($username) <= 7 || strlen($username) >= 30){ $final_report.="Your username must be between 7 and 30 characters.."; }else{ $check_members = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'"); if(mysql_num_rows($check_members) != 0){ $final_report.="The username is already in use!"; }else{ if(strlen($password) <= 6 || strlen($password) >= 30){ $final_report.="Your password must be between 6 and 30 digits and characters.."; }else{ if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)){ $final_report.="Your email address was not valid.."; }else{ $create_member = mysql_query("INSERT INTO `members` (`id`,`username`, `password`, `email`, `ip`, `date`) VALUES('','$username','$password','$email','$memip','$date')"); $final_report.="Thank you for registering, you may now login."; }}}}}} ?> Quote Link to comment Share on other sites More sharing options...
Hydrian Posted September 1, 2012 Author Share Posted September 1, 2012 Topic suposed to be Sha1 Hashing Quote Link to comment Share on other sites More sharing options...
scootstah Posted September 1, 2012 Share Posted September 1, 2012 SHA1 is not secure for password storage. It is a general purpose hashing algorithm used for things like checking file integrity. Also, it makes no sense at all to limit the max password length if you are hashing it. It will always come out to be the same size regardless of the input size. Quote Link to comment Share on other sites More sharing options...
Hydrian Posted September 1, 2012 Author Share Posted September 1, 2012 well i want to md5 the passwords. so its safe Quote Link to comment Share on other sites More sharing options...
Christian F. Posted September 1, 2012 Share Posted September 1, 2012 I strongly recommend that you read this article about secure login systems, it will explain everything you're wondering about. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.