Hazukiy Posted June 16, 2013 Share Posted June 16, 2013 Hi, I've got some issues with my salting when I register... basically everything works fine apart from the salting and I can't get my head around it? Here's my php register function: public function register() { $correct = false; try { $con = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD ); $con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION ); $sql = "INSERT INTO list_members(username, email, password) VALUES(:username, :email, :password)"; $stmt = $con->prepare( $sql ); $stmt->bindValue( "username", $this->username, PDO::PARAM_STR ); $stmt->bindValue( "email", $this->email, PDO::PARAM_STR ); $stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR ); $stmt->execute(); return header('Location: index.html'); }catch( PDOException $e ) { return $e->getMessage(); } } And then I have my public variables displayed like this: public $username = null; public $email = null; public $password = null; public $salt = "Zo4rU5Z1YyKJAASY0PT6EUg7BBYdlEhPaNLuxAwU8lqu1ElzHv0Ri7EM6irpx5w"; Help would be much appreciated. Quote Link to comment https://forums.phpfreaks.com/topic/279243-password-salting-problem/ Share on other sites More sharing options...
trq Posted June 17, 2013 Share Posted June 17, 2013 You haven't described your actual problem. Quote Link to comment https://forums.phpfreaks.com/topic/279243-password-salting-problem/#findComment-1436301 Share on other sites More sharing options...
Hazukiy Posted June 17, 2013 Author Share Posted June 17, 2013 You haven't described your actual problem. Oh sorry, the problem is that the salt isn't being added to the database, it's just left blank. Quote Link to comment https://forums.phpfreaks.com/topic/279243-password-salting-problem/#findComment-1436322 Share on other sites More sharing options...
Solution cyberRobot Posted June 17, 2013 Solution Share Posted June 17, 2013 Oh sorry, the problem is that the salt isn't being added to the database, it's just left blank. Are you looking to store the salt in the database with each user record? If so, you need to modify the query to include the salt. It currently only references username, e-mail, and password. $sql = "INSERT INTO list_members(username, email, password) VALUES(:username, :email, :password)"; Quote Link to comment https://forums.phpfreaks.com/topic/279243-password-salting-problem/#findComment-1436387 Share on other sites More sharing options...
Hazukiy Posted June 17, 2013 Author Share Posted June 17, 2013 Are you looking to store the salt in the database with each user record? If so, you need to modify the query to include the salt. It currently only references username, e-mail, and password. $sql = "INSERT INTO list_members(username, email, password) VALUES(:username, :email, :password)"; Ah that's it, I must of missed it out xD Thanks for the help. Quote Link to comment https://forums.phpfreaks.com/topic/279243-password-salting-problem/#findComment-1436400 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.