AzeS Posted February 14, 2018 Share Posted February 14, 2018 I have to create an id check. For this, an id is generated and written in a cookie, encrypted by the md5 algorithm and a password phrase.Then the id sent to the page and encrypted with the same process and afterwards written to a variable.Then the cookie is read out and compared with the variabele, all well until the fact that the two strings are not considered equal even though they are. <?php $reference = $_GET['id']; setcookie("meoid", md5($reference . "Password") . " OID:" . $reference,time()+(600)); if (isset($_GET['id'])) { $hash = md5(trim(strip_tags($_GET['id'])) . "Password"); if ($hash == $_COOKIE['meoid']) { echo "yes: hash= " . $hash . "::::meoid: " . $_COOKIE['meoid']; } else { echo "no: hash= " . $hash . "::::meoid: " . $_COOKIE['meoid'] . " GENERATET: " . md5($_GET['id'] . "Password"); } } else { header("Location: ../../../../report.php?x=Abuse of Success"); } ?> what am i doing wrong here Quote Link to comment https://forums.phpfreaks.com/topic/306541-im-going-crazy-a-md5-comparison-fools-me/ Share on other sites More sharing options...
Solution Psycho Posted February 14, 2018 Solution Share Posted February 14, 2018 (edited) Hard for me not to be condescending. How do you think these two values would be the same? The cookie value setcookie("meoid", md5($reference . "Password") . " OID:" . $reference,time()+(600)); The reference hash $hash = md5(trim(strip_tags($_GET['id'])) . "Password"); Two problems: 1. You are trimming and using strip_tags() on the $_GET value in one case and not the other 2. At the end of the first value you are also including "OID" . $reference but not on the other. If you need to 'create a code' or some other p[rocess that should be repeatable, you should create a function to do it rather than creating the process multiple times. Edited February 14, 2018 by Psycho Quote Link to comment https://forums.phpfreaks.com/topic/306541-im-going-crazy-a-md5-comparison-fools-me/#findComment-1556399 Share on other sites More sharing options...
AzeS Posted February 14, 2018 Author Share Posted February 14, 2018 (edited) .... Edited February 14, 2018 by AzeS Quote Link to comment https://forums.phpfreaks.com/topic/306541-im-going-crazy-a-md5-comparison-fools-me/#findComment-1556400 Share on other sites More sharing options...
AzeS Posted February 14, 2018 Author Share Posted February 14, 2018 (edited) ok now ive seen it, im the worst, i assume that i just needed an other pair of eyes, thanks psycho Edited February 14, 2018 by AzeS Quote Link to comment https://forums.phpfreaks.com/topic/306541-im-going-crazy-a-md5-comparison-fools-me/#findComment-1556402 Share on other sites More sharing options...
Psycho Posted February 14, 2018 Share Posted February 14, 2018 ok now ive seen it, im the worst, i assume that i just needed an other pair of eyes, thanks psycho I hope you created a function as opposed to rewriting those two sets of logic to be identical. Quote Link to comment https://forums.phpfreaks.com/topic/306541-im-going-crazy-a-md5-comparison-fools-me/#findComment-1556403 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.