Jump to content

Error with login...Notice: Undefined index: salt


Recommended Posts

Hi

 

I'm having a strange error with this code and i get it working properly

 function CheckLoginInDB($username,$password)
    {
        if(!$this->DBLogin())
        {
            $this->HandleError("Erro na ligação à Base de Dados!");
            return false;
        }
		
        $username = $this->SanitizeForSQL($username);
		$nresult = mysql_query("SELECT * FROM utilizador WHERE utilizador = '$username'", $this->connection) or die(mysql_error());
        // check for result 
        $no_of_rows = mysql_num_rows($nresult);
        if ($no_of_rows > 0) {
            $nresult = mysql_fetch_array($nresult);
            $salt = $nresult['salt'];
			echo $salt;
            $encrypted_password = $nresult['password'];
			$hash = $this->checkhashSSHA($salt, $password);
			echo $hash;
        }
        $qry = "Select idutilizador, nome, email from utilizador where utilizador='$username' and password='$hash'";
        $result = mysql_query($qry,$this->connection);
        if(!$result || mysql_num_rows($result) <= 0)
        {
            $this->HandleError("Erro: Utilizador ou password errados");
            return false;
        }    
        $row = mysql_fetch_assoc($result);
		$_SESSION['idutilizador']  = $row['idutilizador'];
        $_SESSION['name_of_user']  = $row['nome'];
        $_SESSION['email_of_user'] = $row['email'];
		
        return true;
    }

This is my table

 

Field                                          Type         Collation          Null    Key     Default  Extra           Privileges                       Comment  
---------------------------------------------  -----------  -----------------  ------  ------  -------  --------------  -------------------------------  ---------
idutilizador                                   int(11)      (NULL)             NO      PRI     (NULL)   auto_increment  select,insert,update,references           
nome                                           varchar(45)  latin1_general_ci  NO              (NULL)                   select,insert,update,references           
utilizador                                     varchar(45)  latin1_general_ci  NO              (NULL)                   select,insert,update,references           
telefone                                       int(11)      (NULL)             YES             (NULL)                   select,insert,update,references           
email                                          varchar(45)  latin1_general_ci  NO              (NULL)                   select,insert,update,references           
password                                       varchar(45)  latin1_general_ci  NO              (NULL)                   select,insert,update,references           
sexo                                           int(11)      (NULL)             NO              (NULL)                   select,insert,update,references           
opcao                                          binary(10)   (NULL)             NO              (NULL)                   select,insert,update,references           
grupodisciplinar_idgrupodisciplinar            int(11)      (NULL)             YES     MUL     (NULL)                   select,insert,update,references           
escola_idescola                                int(11)      (NULL)             YES     MUL     (NULL)                   select,insert,update,references           
tipoutilizador_idtipoutilizador                int(11)      (NULL)             YES     MUL     (NULL)                   select,insert,update,references           
departamento_iddepartamento                    int(11)      (NULL)             YES     MUL     (NULL)                   select,insert,update,references           
categoriaprofissional_idcategoriaprofissional  int(11)      (NULL)             YES     MUL     (NULL)                   select,insert,update,references           
nivelensino_idnivelensino                      int(11)      (NULL)             YES     MUL     (NULL)                   select,insert,update,references           
privilegio_idprivilegio                        int(11)      (NULL)             YES     MUL     (NULL)                   select,insert,update,references           
 
 
Any help please?
 
Thanks

 

Thank you

 

So how can i use one way, i mean only the password to verify if the hashed pass is equal to the one stored in database?

 

i have this function

<code=php>

 public function checkhashSSHA($salt, $password) {
        $hash = base64_encode(sha1($password . $salt, true) . $salt);
        return $hash;
    }
<code>
 
Thanks

In order to compare the password hash correctly you need pass that function the original salt the password hash was generated with. Without the salt you cant compare the hashes!

 

I would recommend you not salting the passwords yourself. Instead use PHP's password_hash function to hash the password then use password_verify to see if the user entered correct password. You will need to use ircmaxwell's password_compat library if you are not running PHP5.5

Edited by Ch0cu3r
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.