Jump to content

encrtption

alienmojo

By alienmojo
in PHP Coding Help

 Share

Recommended Posts

genericnumber1 Member

genericnumber1

Posted
Posted
[quote author=magic2goodil link=topic=121597.msg500354#msg500354 date=1168314688]
Here is what i suggested the other day when this question was asked:

http://www.phpfreaks.com/forums/index.php/topic,121318.0.html
[/quote]

For password he would want to use a one way encryption like MD5, what you've linked there is a 2 way encryption..
Link to comment
Share on other sites
magic2goodil Member

magic2goodil

Posted
Posted
Not always true though..say you want to store the password in a cookie and then pull it back out of the cookie later such as a remember function..Would you not want to decrypt it? 
Although as I typed that, I realized you could store it as md5() encrypted in the cookie, and then reference it against md5() encrypted password drawn from database...Well I guess that would work in theory.
But there's a link for 2 way if you want it :P
Link to comment
Share on other sites
magic2goodil Member

magic2goodil

Posted
Posted
[quote author=jesirose link=topic=121597.msg500374#msg500374 date=1168315770]
tee hee you said cookies into cookies.

magic: you'd encrypt both and check if they match. Pretty rare to get a false match. (Some people like to use two methods and check them both, md5 and sha1 for example).
[/quote]

what i was saying was a cookie saved with an md5() encrypted password which means it is already encrypted and would not need to be encrypted again to be cross-referenced to the database password being drawn out and then encrypted...silly girl :P
Link to comment
Share on other sites
alienmojo Member

alienmojo

Posted
  • Author
Posted
hee this might be easyer
[code]<?php

$db_host="localhost";
$db_user="root";
$db_pass="*****";
$database="realestate";

$IP=$_SERVER["REMOTE_ADDR"];

if (isset($_POST["pass"]))
{
mysql_connect($db_host,$db_user,$db_pass) or die("Unable to connect to database");
mysql_select_db($database) or die( "Unable to select database");

$login=htmlentities($_POST["login"], ENT_QUOTES);
$pass=htmlentities($_POST["pass"], ENT_QUOTES);
$resultat=mysql_query("SELECT id,pass FROM users WHERE login ='".$login."';");

if($ligne = mysql_fetch_array ($resultat))
{
$uid=$ligne["id"];


$bantime=time()-600;
mysql_query("DELETE FROM logins_f WHERE time<$bantime");
$res3=mysql_query("SELECT count(*) FROM logins_f WHERE (uid='".$uid."' AND IP='".$IP."');");
if(!($lig3=mysql_fetch_row($res3))) die('Error connecting to the database, please try again');
if($lig3[0]>=3)echo 'Too many failed attempts, account and IP locked for 10 minutes.<br/>';
else
{
if(($ligne['pass']==$pass) && ($ligne['pass']!=''))
{
$_SESSION["uname"] = $login;
if(isset($_POST["IPsec"]))$_SESSION["IP"]=$IP;
else $_SESSION["IP"]="no";
}
else
{
mysql_query("INSERT INTO logins_f SET uid='".$uid."',time='".time()."',IP='".$IP."'");
echo 'Wrong password&#160;!<br/>';
}
}
}
else echo 'Wrong login or password.<br/>';

mysql_close();
}

if (!isset($_SESSION["uname"]))
{
session_destroy();
echo '<h3>Please log in :</h3><br/><form action="" method="post">
<div>
<label for="login">Login</label>&nbsp;: <input type="text" name="login" id="login" size="50" value="" /><br/>
<label for="pass">Password</label>&nbsp;: <input type="password" name="pass" id="pass" size="50" /><br/>
<input type="checkbox" name="IPsec" id="IPsec" checked="checked" /> <label for="IPsec">Use IP session lock</label><br/>
<input type="submit" value=" Log in " />
</div>
</form>';
}

else if(isset($_GET["log"]) && $_GET["log"]=="logout")
{
session_destroy();
echo 'You are now logged out. <a href="">Click here to log in</a>.<br/>';
$bug_fix=1;
}

else if($_SESSION["IP"]!="no" && $_SESSION["IP"]!=$IP)
{
session_destroy();
echo 'You have been kicked by the IP security. <a href="'.$_SERVER["PHP_SELF"].'">Click here to log in again</a>.<br/>';
$bug_fix=1;
}

if (isset($_SESSION["uname"]) && !isset($bug_fix))
{
echo 'Welcome '.$_SESSION["uname"].'&#160;! <a href="'.$_SERVER["PHP_SELF"].'?log=logout">Click here to log out</a>.<br/>';
}
?>[/code]

how would i add md5() encryption to this and please explain everything
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.