Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

md5 password trouble

Options
  • 05-09-2006 11:18am
    #1
    chamlis
    Closed Accounts Posts: 2,175 ✭✭✭


    Hello all.
    I'm developing a dynamic php/mySQL website. I'm very new at this.
    Here's the problem (one of them):
    I have a registration set up, and a loggin. The user inputs all their data into the registration page (obviously) and at the end they input their desired password. For extra security, I get them to input the password again, php checks them off each other and if they match it continues. So far so good.
    Unfortunately, when I check the data base, MySQL seems to have accepted both passwords as one, and md5 encrypts it accordingly. So when the user loggs in iwth the password they registered, it is not the password that's in MySQL. I figured it was the 2 password fields that did it, so I got rid of the second one.
    But md5 is still doubling the the encryption! I can't figure it out at all. I finally got all this stuff working yesterday but now this.
    I have more questions too, but this will do for now.

    Oh and just in case anyone asks, inputting the password twice in the loggin doesn't work....

    Thanks for your time.


Comments

  • Options
    #2
    pH
    Registered Users Posts: 4,188 ✭✭✭pH


    It's not that clear what you're doing here, could you explain exactly how you're trying to store the username/password in mysql?

    When the user enters 2 passwords and submits (on a web page), they are sending the password in clear back to the php processing.

    Are you then creating a MySQL user with this username/password?

    Most systems create their own 'user' table with a username and password field:

    Creating user:
    $sql = "INSERT INTO myusers VALUES ('pjones',md5('mypassword'))";

    And then authenticate (at login) by doing semthing like

    select * from myusers where username=X and password = md5(entered_password)


  • Options
    #3
    chamlis
    Closed Accounts Posts: 2,175 ✭✭✭chamlis


    It seems there were 2 scripts handling the registration. I had done some housekeeping and tried to rearrange the login and registration around the site (which brings me to another question, but *sigh* not right now....).

    Originally, the login and registration were on the same page, with the same outside script handling the two of them. I moved the login and re-did the registration page, creating a new script to handle it alone "register_form.php".
    But the original script for both login and registration is still there floating around handling just the login, even though it has the data for both it and registration.
    Confused?
    I know I am.
    I'm going for a cig.


  • Options
    #4
    chamlis
    Closed Accounts Posts: 2,175 ✭✭✭chamlis


    Right problem solved.

    There was a conflict with one of my variables.
    It was:
    $password = password($_POST);

    Instead of:
    $password = md5($_POST);

    Thanks for the advice, man.
    Stupid, but hey...


Advertisement