Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > PHP/MySQL > PHP Databases
Password Reminder
Register
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
PHP Databases Using PHP in conjunction with databases. PHP questions not specific to databases should be directed to one of the other PHP forums.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the PHP Databases section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old October 27th, 2005, 02:14 PM
Registered User
 
Join Date: Oct 2005
Location: , , .
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Create simple username password datebase

<?php


// COMMIT ADD
  $link = mysql_connect("localhost", "root", "")
    or die("Could not connect: " . mysql_error());
  mysql_select_db('registration', $link)
    or die ( mysql_error());
  switch ($_GET['action']) {
    case "add":
      switch ($_GET['type']) {
        case "Register":
          $sql = "INSERT INTO user_info
                    (username,
                    password,
                    email)
                  VALUES
                    ('" . $_POST['username'] . "',
                    '" . $_POST['password'] . "',
                    '" . $_POST['email'] . "')";
          break;
      }
      break;
  }

  if (isset($sql) && !empty($sql)) {
    echo "";
    $result = mysql_query($sql)
      or die("Invalid query: " . mysql_error());
?>
 <p align="center" style="color:#FF0000">
    Done. <a href="admin_loggedin.php">admin</a>
  </p>
<?php
  }
?>

This is my code and it works but I want the password to be hashed I am not sure how I can do this Please help

Reply With Quote
  #2 (permalink)  
Old October 28th, 2005, 06:22 AM
Friend of Wrox
 
Join Date: Mar 2004
Location: Bhopal, MP, India.
Posts: 357
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to anshul
Default

If you mean to encrypt password, use md5(). It's best and established method. Compare it's (one that resides in db) value with md5 of that user enter in form, during login.

http://anshul.guideseeq.com/

Regards,

`~@#\^%&*/\.<.\/-|+|_!:;..=?>
Support Indian students' finances http://scholarship.mediasworks.com/
Reply With Quote
  #3 (permalink)  
Old October 28th, 2005, 09:38 AM
Registered User
 
Join Date: Oct 2005
Location: , , .
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

So that does not tell me anything I just want to know how to get this line '" . $_POST['password'] . "', To have a PASSWORD to be put in it. I think it is something like this but this does not work "(PASSWORD('" . $_POST['password'] . "')), '" .
Thanks
Quote:
quote:Originally posted by anshul
 If you mean to encrypt password, use md5(). It's best and established method. Compare it's (one that resides in db) value with md5 of that user enter in form, during login.

http://anshul.guideseeq.com/

Regards,

`~@#\^%&*/\.<.\/-|+|_!:;..=?>
Support Indian students' finances http://scholarship.mediasworks.com/
Reply With Quote
  #4 (permalink)  
Old October 28th, 2005, 02:56 PM
Friend of Wrox
 
Join Date: Jun 2003
Location: , , United Kingdom.
Posts: 256
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I think you misunderstand. What anshul is saying is, avoid having to get the database to process the hash at all. Simply hash it in your script and send the hash: store it in a fixed-length character field that is big enough to hold your hashes.

I hardly need say, that hashing the same input always produces the same output. Store the output in your database, and always hash it using MD5 before presenting the result to the database, and the database need never known what the original password actually was: it only needs the hash.

Is there some external reason why this will not work?
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
username and password : IIS gemini_shooter Dreamweaver (all versions) 18 July 16th, 2008 04:45 PM
Regarding Username and password kuku_ashu Javascript How-To 0 January 4th, 2008 11:28 AM
username and password abhi_loveu2002 ASP.NET 2.0 Basics 1 December 14th, 2006 05:25 AM
Username and password Hennie Access 1 July 28th, 2006 12:43 AM



All times are GMT -4. The time now is 10:39 AM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.