Jump to content

Archived

This topic is now archived and is closed to further replies.

AeonE

HELP!! how to retrieve data from database with encryption..

Recommended Posts

guys,
I'm having some problem here, after I created my registration form (username and password fields only) using this code

[quote]
<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);

$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "INSERT INTO $tablename VALUES('$username','$password')"; //change $password to $enc_pwd for encrypted password!!!
$result = mysql_query($query);
if (!$result)
{
die ("query failed, please check again <br>");
}
?>

[/quote]

that code above is for creating new user and it works, when I go to mysql in phpmyadmin it says the password for this use is 234242hj4hj24hj.

but then I created the login form, with these code

[quote]
<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);
$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "SELECT * from $tablename where customerId = '$username' and password = '$enc_pwd'";
$result = mysql_query($query);
if ($row = mysql_fetch_array($result))
{
if(!$enc_pwd == $row[password])
{
die ("Wrong Password");
}
}
else
{
die ("User not exists/password Incorrect");
}
?>

[/quote]

and it seems I could not retrieve the data from the database... it always says "User not exists/password Incorrect", checked the HTML form with the login everything are same,
oh boy, it suxs I tried over over and over still no luck, maybe some1 here can help me, HELPP!!

many thanks

Share this post


Link to post
Share on other sites
Your insert statement is inserting $password when it should be inserting $enc_pwd. You have a comment there that says to switch it out, but the code you posted doesn't have them switched out.

Share this post


Link to post
Share on other sites
[!--quoteo(post=353918:date=Mar 11 2006, 09:31 AM:name=wickning1)--][div class=\'quotetop\']QUOTE(wickning1 @ Mar 11 2006, 09:31 AM) [snapback]353918[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Your insert statement is inserting $password when it should be inserting $enc_pwd. You have a comment there that says to switch it out, but the code you posted doesn't have them switched out.
[/quote]

can you correct it for me, bro? cause Imma kinda new to this php

many thanks

Share this post


Link to post
Share on other sites
<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);
$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "SELECT * from $tablename where customerId='$username' and password='$enc_pwd'";
$result = mysql_query($query);
if (mysql_num_rows($result) > 0){
echo "password correct! you logged in";
}else{
echo "incorrect login!";
}
?>

Share this post


Link to post
Share on other sites
[!--quoteo(post=353940:date=Mar 11 2006, 11:07 AM:name=joecooper)--][div class=\'quotetop\']QUOTE(joecooper @ Mar 11 2006, 11:07 AM) [snapback]353940[/snapback][/div][div class=\'quotemain\'][!--quotec--]

$result = mysql_query($query);
if (mysql_num_rows($result) > 0){
echo "password correct! you logged in";
}else{
echo "incorrect login!";
}

[/quote]

still won't work, Im getting Incorrect login everytime I tried to login.
I'm stuck...

Share this post


Link to post
Share on other sites
The code for creating a user:

[code]<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);

$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "INSERT INTO $tablename VALUES('$username','$enc_pwd')"; //change $password to $enc_pwd for encrypted password!!!
$result = mysql_query($query);
if (!$result)
{
die ("query failed, please check again <br>");
}
?>[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.