Jump to content

Recommended Posts

I have a signup form that encrypts the password into md5 format, which then stores it in to the database.

 

I then have a login section that translates the password into md5 to check against the stored version.  However the one that is entered and posted via a password field, results in a different md5 hash, is this due to the nature of the password field or post, if so what is the best way to store an encrypted password and then compare it?

 

Thanks in advance.

Link to comment
https://forums.phpfreaks.com/topic/69648-solved-md5-and-post/
Share on other sites

hmm, well no i'm not using a js md5 func, it's pure php.  The php md5's the pass during signup and converts the one entered at login, however the one created at signup is 5f4dcc3b5aa765d61d8327deb882cf99 and when inserted at login returns d41d8cd98f00b204e9800998ecf8427e

 

Any more suggestions?

Link to comment
https://forums.phpfreaks.com/topic/69648-solved-md5-and-post/#findComment-350059
Share on other sites

Well that just doesn't make sense. Are you 100% sure you're entering the same password? Perhaps there's an extra character in one of them somewhere?

 

The string 'password' generates your first hash - 5f4dcc3b5aa765d61d8327deb882cf99 - so the register appears to be working ok; perhaps there is an issue with your login script.

Link to comment
https://forums.phpfreaks.com/topic/69648-solved-md5-and-post/#findComment-350065
Share on other sites

This is what is invoked when login is clicked:

<?php
$username = $_POST['username'];
$password = $_POST['password'];
$password = md5($password);
Central::login($username, $password);
?>

 

This is the login script:

<?php

function login($username, $password) {
	echo $password;
	$sql = "SELECT f_name FROM members WHERE email = '" . $username . "' AND password = '" . $password . "'";

	if ($qry = mysql_query(mysql_real_escape_string($sql))) {
		$_SESSION['USERNAME'] = mysql_result($qry, 0);
	} else {
		trigger_error("You did not enter valid credentials, Please try again.", E_USER_WARNING);
	}
}
?>

 

The echo is just to tell me what it's looking for.  Should be really simple.

Can you see where it's going wrong?

Link to comment
https://forums.phpfreaks.com/topic/69648-solved-md5-and-post/#findComment-350077
Share on other sites

tried trim already no joy, does anyone have a working script that may be a bit better, they wouldn't mind posting me.  The strange thing is it's the same php engine working on the script and it's the same browser posting the data, has me baffled.

Link to comment
https://forums.phpfreaks.com/topic/69648-solved-md5-and-post/#findComment-350142
Share on other sites

I just tried this...

$p = $_POST['nowt'];
$sum = md5($p);
echo $sum;

Obviously the form element 'nowt' doesn't exist, but it gave the following sum:

d41d8cd98f00b204e9800998ecf8427e

Look similar? Look for a spelling mistake in your form!

lol don't you just love the manytrix...

Link to comment
https://forums.phpfreaks.com/topic/69648-solved-md5-and-post/#findComment-350155
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.