Jump to content

HELP!! how to retrieve data from database with encryption..


AeonE

Recommended Posts

guys,
I'm having some problem here, after I created my registration form (username and password fields only) using this code

[quote]
<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);

$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "INSERT INTO $tablename VALUES('$username','$password')"; //change $password to $enc_pwd for encrypted password!!!
$result = mysql_query($query);
if (!$result)
{
die ("query failed, please check again <br>");
}
?>

[/quote]

that code above is for creating new user and it works, when I go to mysql in phpmyadmin it says the password for this use is 234242hj4hj24hj.

but then I created the login form, with these code

[quote]
<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);
$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "SELECT * from $tablename where customerId = '$username' and password = '$enc_pwd'";
$result = mysql_query($query);
if ($row = mysql_fetch_array($result))
{
if(!$enc_pwd == $row[password])
{
die ("Wrong Password");
}
}
else
{
die ("User not exists/password Incorrect");
}
?>

[/quote]

and it seems I could not retrieve the data from the database... it always says "User not exists/password Incorrect", checked the HTML form with the login everything are same,
oh boy, it suxs I tried over over and over still no luck, maybe some1 here can help me, HELPP!!

many thanks
Link to comment
Share on other sites

[!--quoteo(post=353918:date=Mar 11 2006, 09:31 AM:name=wickning1)--][div class=\'quotetop\']QUOTE(wickning1 @ Mar 11 2006, 09:31 AM) [snapback]353918[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Your insert statement is inserting $password when it should be inserting $enc_pwd. You have a comment there that says to switch it out, but the code you posted doesn't have them switched out.
[/quote]

can you correct it for me, bro? cause Imma kinda new to this php

many thanks
Link to comment
Share on other sites

<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);
$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "SELECT * from $tablename where customerId='$username' and password='$enc_pwd'";
$result = mysql_query($query);
if (mysql_num_rows($result) > 0){
echo "password correct! you logged in";
}else{
echo "incorrect login!";
}
?>
Link to comment
Share on other sites

[!--quoteo(post=353940:date=Mar 11 2006, 11:07 AM:name=joecooper)--][div class=\'quotetop\']QUOTE(joecooper @ Mar 11 2006, 11:07 AM) [snapback]353940[/snapback][/div][div class=\'quotemain\'][!--quotec--]

$result = mysql_query($query);
if (mysql_num_rows($result) > 0){
echo "password correct! you logged in";
}else{
echo "incorrect login!";
}

[/quote]

still won't work, Im getting Incorrect login everytime I tried to login.
I'm stuck...
Link to comment
Share on other sites

The code for creating a user:

[code]<?php
$host = '';
$uname = "root";
$pass = "";
$database = "db";
$tablename = "login";

$username = $_POST[customerId];
$password = $_POST[password];
$enc_pwd = md5($password);

$connection = mysql_connect ($host,$uname,$pass)
or die("Database connection failed, please re-check!!");

$result = mysql_select_db($database)
or die ("Database could not selected, please check again!!");

$query = "INSERT INTO $tablename VALUES('$username','$enc_pwd')"; //change $password to $enc_pwd for encrypted password!!!
$result = mysql_query($query);
if (!$result)
{
die ("query failed, please check again <br>");
}
?>[/code]
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.