Hazukiy Posted June 16, 2013 Share Posted June 16, 2013 Hi, I've got some issues with my salting when I register... basically everything works fine apart from the salting and I can't get my head around it? Here's my php register function: public function register() { $correct = false; try { $con = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD ); $con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION ); $sql = "INSERT INTO list_members(username, email, password) VALUES(:username, :email, :password)"; $stmt = $con->prepare( $sql ); $stmt->bindValue( "username", $this->username, PDO::PARAM_STR ); $stmt->bindValue( "email", $this->email, PDO::PARAM_STR ); $stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR ); $stmt->execute(); return header('Location: index.html'); }catch( PDOException $e ) { return $e->getMessage(); } } And then I have my public variables displayed like this: public $username = null; public $email = null; public $password = null; public $salt = "Zo4rU5Z1YyKJAASY0PT6EUg7BBYdlEhPaNLuxAwU8lqu1ElzHv0Ri7EM6irpx5w"; Help would be much appreciated. Link to comment https://forums.phpfreaks.com/topic/279243-password-salting-problem/ Share on other sites More sharing options...
trq Posted June 17, 2013 Share Posted June 17, 2013 You haven't described your actual problem. Link to comment https://forums.phpfreaks.com/topic/279243-password-salting-problem/#findComment-1436301 Share on other sites More sharing options...
Hazukiy Posted June 17, 2013 Author Share Posted June 17, 2013 You haven't described your actual problem. Oh sorry, the problem is that the salt isn't being added to the database, it's just left blank. Link to comment https://forums.phpfreaks.com/topic/279243-password-salting-problem/#findComment-1436322 Share on other sites More sharing options...
cyberRobot Posted June 17, 2013 Share Posted June 17, 2013 Oh sorry, the problem is that the salt isn't being added to the database, it's just left blank. Are you looking to store the salt in the database with each user record? If so, you need to modify the query to include the salt. It currently only references username, e-mail, and password. $sql = "INSERT INTO list_members(username, email, password) VALUES(:username, :email, :password)"; Link to comment https://forums.phpfreaks.com/topic/279243-password-salting-problem/#findComment-1436387 Share on other sites More sharing options...
Hazukiy Posted June 17, 2013 Author Share Posted June 17, 2013 Are you looking to store the salt in the database with each user record? If so, you need to modify the query to include the salt. It currently only references username, e-mail, and password. $sql = "INSERT INTO list_members(username, email, password) VALUES(:username, :email, :password)"; Ah that's it, I must of missed it out xD Thanks for the help. Link to comment https://forums.phpfreaks.com/topic/279243-password-salting-problem/#findComment-1436400 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.