Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Programming/Scripts
Reload this Page PHP authentication with mysql encrypt function
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
Page 2 of 2 1 2
 
Thread Tools Display Modes
  #11  
Old 16th August 2011, 13:23
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,665
Thanks: 1,896
Thanked 2,592 Times in 2,443 Posts
Default
Try

Code:
INSERT INTO users(..., password) VALUES('...', ENCRYPT(".$_POST['password']."));
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
new (16th August 2011)
Sponsored Links
  #12  
Old 16th August 2011, 13:46
Mark_NL Mark_NL is offline
Senior Member
  
Join Date: Sep 2008
Location: The Netherlands
Posts: 911
Thanks: 12
Thanked 95 Times in 92 Posts
Default
Falko, with that query, MySQL will use a different salt every time you call it, so the same entered password, it will be saved differently in the db, and you can never match against it, since you don't know the salt mysql used during

Code:
INSERT INTO users(name, pass) VALUES('john', ENCRYPT('password','(*#Ng383'));
This will save the same encrypted string over and over.

for his solution he should use:
Code:
INSERT INTO users(..., password) VALUES('...', ENCRYPT(".$_POST['password'].", 'odufmsircklsc'));
("odufmsircklsc" being the salt)
Reply With Quote
The Following 2 Users Say Thank You to Mark_NL For This Useful Post:
falko (17th August 2011), new (16th August 2011)
  #13  
Old 16th August 2011, 17:42
new new is offline
Junior Member
  
Join Date: Aug 2011
Posts: 4
Thanks: 4
Thanked 0 Times in 0 Posts
Thumbs up
@Falko and @Mark_NL .... thanks guys...
Quote:
@Mark_NL .........
for his solution he should use:
Code:
INSERT INTO users(..., password) VALUES('...', ENCRYPT(".$_POST['password'].", 'odufmsircklsc'));
("odufmsircklsc" being the salt)
You are the man.. works perfect .. I do have not words to thanks you...that was exactly what I was looking for.... now I can authenticate users from the same database for mail and ftp, with the same ENCRYPT password..

Just curious .. ... what character users are allow to use in password field of my registration from... because ... ("odufmsircklsc" being the salt) ... or don't matter ???

Regards.. you all ..!!
Really thanks...
Last edited by new; 16th August 2011 at 17:59.
Reply With Quote
  #14  
Old 18th November 2011, 11:14
beaney beaney is offline
Junior Member
  
Join Date: Nov 2011
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default I need help correcting my query string
Im having trouble getting my login to work on my site.
it keeps telling me query failed, but when i echo out the username and password it matches the one on the server so i dont understand why its not working.
Im a new programmer by the way very noob.

PHP Code:
$db mysqli_connect($server$user$password$database);
        
       
            $salt "45Gxkj9583lPMdxoekfg"
        $user $_POST['username'];
        $pass crypt($_POST['password'], $salt);
            
        echo "<h2>welcome you are now logged in ".$user." ".$pass."</h2><br />\n";
        $sql "SELECT username, password FROM faculty WHERE username = $user AND password = $pass";
        
        $result mysqli_query($sql,$db) or die('Query failed: ' mysql_error($db));
        
        if (mysql_num_rows($result) == 1)
        {
            //successful login
            echo "<h2>Welcome  You are now logged in.</h2>\n";
        }
        else
        {
            // not successful
            $page file_get_contents("err_login.html");
                    echo $page;
                    exit;
        }
        
            
            
            //session_start();
            //$_SESSION['valid'] = 1;
            //$_SESSION['user'] = $username; 
Reply With Quote
  #15  
Old 18th November 2011, 11:16
beaney beaney is offline
Junior Member
  
Join Date: Nov 2011
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default
this is a link to my project http://trieste.sdsu.edu/~trst016/proj2/proj2.html
Reply With Quote
  #16  
Old 18th November 2011, 11:47
Mark_NL Mark_NL is offline
Senior Member
  
Join Date: Sep 2008
Location: The Netherlands
Posts: 911
Thanks: 12
Thanked 95 Times in 92 Posts
Default
try:
PHP Code:
$sql "SELECT username, password FROM faculty WHERE username = '$user' AND password = '$pass'"
notice the single quotes i put around $user and $pass
__________________
Real men don't backup... Real men cry!

http://www.e-rave.nl/
Reply With Quote
  #17  
Old 18th November 2011, 17:19
beaney beaney is offline
Junior Member
  
Join Date: Nov 2011
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default
no that doesnt work.
Reply With Quote
Reply
Page 2 of 2 1 2

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Freebsd 6.1 support misterm Installation/Configuration 10 9th April 2009 09:29
Slightly Confused (DNS & Server Help) JohnnyBGoode Installation/Configuration 26 14th August 2007 09:54
Apache2 Freezes celtic Server Operation 31 28th May 2007 17:18
SuSE Enterprise, PHP binary coming with ISPConfig does not work properly NexusTechUS Installation/Configuration 1 26th April 2007 20:03


All times are GMT +2. The time now is 07:54.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.