checking encrypted code

Forum Moderators: coopster

Message Too Old, No Replies

checking encrypted code

brendan3eb

8:03 pm on Jul 11, 2004 (gmt 0)

ok, I'm setting up the login part of my site right now and I want it to be extra safe, so to keep it safe I'm encrypting the passwords that are inserted into the mysql database, the only problem I have now, is how do I check to make sure the password the user entered matches the encrypted password.

rlkanter

8:07 pm on Jul 11, 2004 (gmt 0)

It depends on the type of encryption. Generally you encrypt the password the user enters, and see if that matches the encrypted password in the database.

brendan3eb

8:39 pm on Jul 11, 2004 (gmt 0)

how do I encrypt the password the user enters?

edit: I found the function, it called md5, this is now the code:
//gets password from form
$depass = $_POST['pass'] ;
//makes the password from the form an encrypted
//password that is stored in pass variable
$pass = md5($depass) ;

rlkanter

9:36 pm on Jul 11, 2004 (gmt 0)

Yes. From there you can compare it what current is in the table, for example if you select the row containing the users password, something similar to:

if(!strcmp( $myrow['password'], md5($_POST[''pass']))){
// password correct
}