Jump to content


Photo

HELP!! how to retrieve data from database with encryption..


  • Please log in to reply
5 replies to this topic

#1 AeonE

AeonE
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 11 March 2006 - 01:34 PM

guys,
I'm having some problem here, after I created my registration form (username and password fields only) using this code

<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);

$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "INSERT INTO $tablename VALUES('$username','$password')"; //change $password to $enc_pwd for encrypted password!!!
$result = mysql_query($query);
if (!$result)
{
die ("query failed, please check again <br>");
}
?>



that code above is for creating new user and it works, when I go to mysql in phpmyadmin it says the password for this use is 234242hj4hj24hj.

but then I created the login form, with these code

<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);
$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "SELECT * from $tablename where customerId = '$username' and password = '$enc_pwd'";
$result = mysql_query($query);
if ($row = mysql_fetch_array($result))
{
if(!$enc_pwd == $row[password])
{
die ("Wrong Password");
}
}
else
{
die ("User not exists/password Incorrect");
}
?>


and it seems I could not retrieve the data from the database... it always says "User not exists/password Incorrect", checked the HTML form with the login everything are same,
oh boy, it suxs I tried over over and over still no luck, maybe some1 here can help me, HELPP!!

many thanks

#2 wickning1

wickning1
  • Members
  • PipPipPip
  • Advanced Member
  • 405 posts

Posted 11 March 2006 - 02:31 PM

Your insert statement is inserting $password when it should be inserting $enc_pwd. You have a comment there that says to switch it out, but the code you posted doesn't have them switched out.

#3 AeonE

AeonE
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 11 March 2006 - 03:20 PM

[!--quoteo(post=353918:date=Mar 11 2006, 09:31 AM:name=wickning1)--][div class=\'quotetop\']QUOTE(wickning1 @ Mar 11 2006, 09:31 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
Your insert statement is inserting $password when it should be inserting $enc_pwd. You have a comment there that says to switch it out, but the code you posted doesn't have them switched out.
[/quote]

can you correct it for me, bro? cause Imma kinda new to this php

many thanks

#4 joecooper

joecooper
  • Members
  • PipPipPip
  • Advanced Member
  • 358 posts

Posted 11 March 2006 - 04:07 PM

<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);
$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "SELECT * from $tablename where customerId='$username' and password='$enc_pwd'";
$result = mysql_query($query);
if (mysql_num_rows($result) > 0){
echo "password correct! you logged in";
}else{
echo "incorrect login!";
}
?>
Signature:
[/a]
[a href="http://www.planet-so...=1999&lngWId=8" target="_blank"]EzLogin 1.0[/a]
[a href="http://www.essexracers.com" target="_blank"]Essexracers.com[/a]
Msn Messenger: joe@joeyjoe.co.uk

#5 AeonE

AeonE
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 11 March 2006 - 04:28 PM

[!--quoteo(post=353940:date=Mar 11 2006, 11:07 AM:name=joecooper)--][div class=\'quotetop\']QUOTE(joecooper @ Mar 11 2006, 11:07 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]

$result = mysql_query($query);
if (mysql_num_rows($result) > 0){
echo "password correct! you logged in";
}else{
echo "incorrect login!";
}

[/quote]

still won't work, Im getting Incorrect login everytime I tried to login.
I'm stuck...

#6 wickning1

wickning1
  • Members
  • PipPipPip
  • Advanced Member
  • 405 posts

Posted 12 March 2006 - 06:53 AM

The code for creating a user:

<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);

$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "INSERT INTO $tablename VALUES('$username','$enc_pwd')"; //change $password to $enc_pwd for encrypted password!!!
$result = mysql_query($query);
if (!$result)
{
die ("query failed, please check again <br>");
}
?>





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users