Jump to content

base64_encode

forumnz

By forumnz
in PHP Coding Help

 Share

Recommended Posts

forumnz Advanced Member

forumnz

Posted
Posted
Does anyone know how to put "base64_encode" into this script to encrypt the password?

Script:

[code]<?php
  session_start();
 
  $con = mysql_connect("localhost","$$$","###");
  if (!$con)
  {
    die('Could not connect: ' . mysql_error());
  }

  mysql_select_db("my_db", $con);

if( isset($_POST['Submit']) ) 

  //Store/validate/escape
  $password = $_POST['password'];
  $email = $_POST['email']; 
  $area = $_POST['area']; 
  $phone = $_POST['phone']; 
  $age = $_POST['age']; 
  $message = $_POST['message'];
 
  //Reset
  unset($_POST);
 
  $id = $_SESSION['userid'];
  $query = "UPDATE members SET password='$password', email='$email', area='$area', phone='$phone', age='$age', message='$message' WHERE id='$id'";
  mysql_query($query);
 
  //echo "$query\n\n";
  if( mysql_errno() )
  {
    echo "\n\nERROR: " . mysql_error();
  }

}


  $valid = false;
  if( isset($_SESSION['userid']) )
  {
    //do whatever appropriate validation is necessary on id
    //if we encounter errors abort?
    $id = $_SESSION['userid'];

    //No errors... proceed

    //connect to database

    $query = "SELECT password, email, area, phone, age, message FROM members WHERE id = '$id'";

//echo "$query\n\n";
    $result = mysql_query($query);
if( mysql_errno() )
    {
      echo "\n\nERROR: " . mysql_error();
    }
    $row = mysql_fetch_row($result);

    $password = "";  //echo "PASSWORD: $password\n";
$email = "";  //echo "EMAIL: $email\n";
$area = "";    //echo "AREA: $area\n";
$phone = "";  //echo "PHONE: $phone\n";
$age = "";    //echo "AGE: $age\n";
$message = ""; //echo "MESSAGE: $message\n";

    if( $row )
    {
      $valid = true;
  $password = $row[0];
      $email = $row[1];
  $area = $row[2];
  $phone = $row[3];
  $age = $row[4];
  $message = $row[5];
    }
    else
    {
      //Invalid username... handle error appropriately
      $valid = false;
    }

    //disconnect from database
  }
  else
  {
    //ERROR - Not logged in....
    //Redirect to login page?
    $valid = false;
  }

  if( !$valid )
  {
      //Errors, redirect....
  }
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Page to test</title>
</head>

<body>
<p>Edit Profile</p>
<form id="form1" name="form1" method="post" action="edit.php">
<p>Password :
  <?php
  echo "<input name=\"password\" type=\"password\" id=\"password\" value=\"$password\" />\n";
  ?>
  <!--Confirm Password :
  //<input name="password" type="text" id="password" />-->
</p>
<p>Email Address :
  <?php
      echo "<input name=\"email\" type=\"text\" id=\"email\" value=\"$email\" />\n";
  ?>
</p>
<p>Area :
  <?php
      echo "<input name=\"area\" type=\"text\" id=\"area\" value=\"$area\" />\n";
  ?>
</p>
<p>Phone Number :
<?php
echo "<input name=\"phone\" type=\"text\" id=\"phone\" value=\"$phone\" />\n";
?> </p>
<p>Age :
<?php
echo "<input name=\"age\" type=\"text\" id=\"age\" value=\"$age\" />\n";
?>
</p>
<p>Personal Message :
  <?php
  echo "<textarea name=\"message\" id=\"message\">$message</textarea>\n";

?>
</p>
<p>
  <label>
  <input type="submit" name="Submit" value="Go!" />
  </label>
</p>

</form>
<p>&nbsp; </p>
</body>
</html>
[/code]
Link to comment
https://forums.phpfreaks.com/topic/32625-base64_encode/
Share on other sites
Philip Advanced Member

Philip

Posted
Posted
It's pretty important. People can easily read your information stored in the database if you're not careful.

Try reading about it here. I know there are plenty of other topics about this on the forum.
http://www.phpfreaks.com/forums/index.php/topic,110976.0.html

--

And for the other thing what I meant (I wasnt clear, sorry) was to replace
$password = $_POST['password'];
with
$password = base64_encode($_POST['password']);
That will make $password the encrypted password.
Link to comment
https://forums.phpfreaks.com/topic/32625-base64_encode/#findComment-151792
Share on other sites
forumnz Advanced Member

forumnz

Posted
  • Author
Posted
Ok thanks, I managed to get that going and I will clean up the script pretty soon but now i have another problem.

This script is for someone to edit their profile...

I have made it so that nothing shows up in the password box, but now when the user resubmits their information, the database is edited and they now dont have a password.

What can I do to prevent the password to be sent if they dont want to change it?
Link to comment
https://forums.phpfreaks.com/topic/32625-base64_encode/#findComment-151799
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.