redarrow Posted March 14, 2007 Share Posted March 14, 2007 advance thank you. I have setup my database for password with a varchar 25 char and i need to no do i have to tell the select statement when logging in that the password is md5 encripted. The reason i ask is if i dont use the md5 on the password all's ok and can login but with md5 password i got proplams any idear please. yes the database does enter the encrpted password. please help or advise cheers. Link to comment https://forums.phpfreaks.com/topic/42652-solved-password-advice-please/ Share on other sites More sharing options...
redarrow Posted March 14, 2007 Author Share Posted March 14, 2007 code to login not getting in with encripted password <?php session_start(); $name=$_POST['name']; password=$_POST['password']; $query_blog="select * from blog_register where name='$name' and password='$password' "; $result_blog=mysql_query($query_blog) or die (mysql_error()); while($b=mysql_fetch_assoc($result_blog)){ $_SESSION['id']=$b['id']; $_SESSION['name']=$b['name']; $_SESSION['password']=$b['password']; if(mysql_num_rows($result_blog)==1){ header("location: blog.php"); exit; } } ?> Link to comment https://forums.phpfreaks.com/topic/42652-solved-password-advice-please/#findComment-206935 Share on other sites More sharing options...
redarrow Posted March 14, 2007 Author Share Posted March 14, 2007 anyone think of anythink to my post cheers? database id smallint(5) UNSIGNED ZEROFILL No auto_increment name varchar(25) Yes NULL password varchar(25) Yes NULL mail varchar(30) Yes NULL randed_number varchar(7) Yes NULL activated int(11) No 0 date int(11) Yes NULL user_ip varchar(30) Yes NULL Link to comment https://forums.phpfreaks.com/topic/42652-solved-password-advice-please/#findComment-206953 Share on other sites More sharing options...
zq29 Posted March 14, 2007 Share Posted March 14, 2007 md5 strings are 32 characters long. Link to comment https://forums.phpfreaks.com/topic/42652-solved-password-advice-please/#findComment-206956 Share on other sites More sharing options...
redarrow Posted March 14, 2007 Author Share Posted March 14, 2007 new database settings but no joy id smallint(5) UNSIGNED ZEROFILL No auto_increment name varchar(25) No password varchar(40) No mail varchar(30) No randed_number varchar(7) No activated int(11) No 0 date int(11) No 0 user_ip varchar(30) No new code wtf <?php session_start(); if($_POST['submit']){ $query_blog="select * from `blog_register` where `name`='".$_POST['name']."' and `password`='".$_POST['password']."' "; $result_blog=mysql_query($query_blog) or die (mysql_error()); while($b=mysql_fetch_assoc($result_blog)){ $_SESSION['id']=$b['id']; $_SESSION['name']=$b['name']; $_SESSION['password']=$b['password']; if(mysql_num_rows($result_blog)==1){ header("location: blog.php"); exit; } } ] ?> Link to comment https://forums.phpfreaks.com/topic/42652-solved-password-advice-please/#findComment-206966 Share on other sites More sharing options...
zq29 Posted March 14, 2007 Share Posted March 14, 2007 $name=$_POST['name']; password=$_POST['password']; $query_blog="select * from blog_register where name='$name' and password='$password' "; You're not hashing the password before comparing it to the database... Link to comment https://forums.phpfreaks.com/topic/42652-solved-password-advice-please/#findComment-206968 Share on other sites More sharing options...
redarrow Posted March 14, 2007 Author Share Posted March 14, 2007 solved Thank you so much i was so worried there your the best help ever cheers m8. Link to comment https://forums.phpfreaks.com/topic/42652-solved-password-advice-please/#findComment-206985 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.