simple log in

php without database

Page 1 of 1

10 Replies - 1393 Views - Last Post: 05 December 2010 - 02:51 AM Rate Topic: -----

#1 anne052486  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 16
  • Joined: 12-February 10

simple log in

Posted 30 November 2010 - 09:04 PM

<html>
<body>
<form action="LogIn.php">
<h2>Welcome !</h2> <br>
Please Log-In. <br>

Username:<input type="text" name="UserN"><br>
Password:<input type="text" name="pw"><br>
<input type ="Reset" value="Reset">
<input type ="Submit" value="Log-In">
 

</form>
</body>
</html>




pls anyone can help how to encrypt the password

This post has been edited by macosxnerd101: 30 November 2010 - 09:13 PM
Reason for edit:: Added code tags and moved to PHP Help out of the PHP Tutorials Section


Is This A Good Question/Topic? 0
  • +

Replies To: simple log in

#2 macosxnerd101  Icon User is offline

  • Self-Trained Economist
  • member icon




Reputation: 10596
  • View blog
  • Posts: 39,257
  • Joined: 27-December 08

Re: simple log in

Posted 30 November 2010 - 09:16 PM

You'll probably be more interested in hashing than encryption, as hashing is one-way. PHP has the md5() hash function, which you may be interested in.
Was This Post Helpful? 0
  • +
  • -

#3 nahtanoJ  Icon User is offline

  • New D.I.C Head

Reputation: 1
  • View blog
  • Posts: 14
  • Joined: 05-September 10

Re: simple log in

Posted 04 December 2010 - 05:51 PM

To encrypt the password before its entered into your database, you will do this with your MySql insert statement using the php PASSWORD() funciton when it is entered

$query = INSERT into users VALUES ('$userid', PASSWORD('$password'));


This encrypts the password into a 41 byte hexadecimal value. (Create the password field as a 41 char text)


When retrieving the information for the log in, use

$query = "SELECT userid from users where userid = '$userid' and password = PASSWORD('$password')";
Was This Post Helpful? 0
  • +
  • -

#4 Dormilich  Icon User is online

  • 痛覚残留
  • member icon

Reputation: 3541
  • View blog
  • Posts: 10,255
  • Joined: 08-June 10

Re: simple log in

Posted 04 December 2010 - 06:14 PM

View PostnahtanoJ, on 05 December 2010 - 12:51 AM, said:

To encrypt the password before its entered into your database, you will do this with your MySql insert statement using the php PASSWORD() funciton when it is entered

neither is PASSWORD() a PHP function, nor is it adviced to use it for this purpose:

http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html#function_password said:

Note
The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA1() instead.

Was This Post Helpful? 1
  • +
  • -

#5 calebjonasson  Icon User is offline

  • $bert = new DragonUnicorn(); $bert->rawr();
  • member icon

Reputation: 209
  • View blog
  • Posts: 989
  • Joined: 28-February 09

Re: simple log in

Posted 04 December 2010 - 09:04 PM

For a more advanced encryption I would check out how to salt a password with various tokens including the standard sha1 hash. You could do something like this:

//assuming that $password is retrieved through post.
// when registering a user you can always generate a
// random key that is stored in the database for said
// user and query the key where username is the username
// gathered from post.

$key1 = '1kj4232kjas';
$key2 = 'a8d7asj2k41';
$password = sha1($key1.$password.$key2);

//then check the database for the password.


This post has been edited by calebj: 04 December 2010 - 10:02 PM

Was This Post Helpful? 0
  • +
  • -

#6 no2pencil  Icon User is online

  • Admiral Fancy Pants
  • member icon

Reputation: 5348
  • View blog
  • Posts: 27,305
  • Joined: 10-May 07

Re: simple log in

Posted 04 December 2010 - 09:19 PM

View PostnahtanoJ, on 04 December 2010 - 06:51 PM, said:

To encrypt the password before its entered into your database, you will do this with your MySql insert statement using the php PASSWORD() funciton when it is entered

$query = INSERT into users VALUES ('$userid', PASSWORD('$password'));

This encrypts the password into a 41 byte hexadecimal value. (Create the password field as a 41 char text)

For the sake of the OP, I must point out that the above is not correct. MD5 is not encryption, it's a hash. If MD5 were encryption, then you would be able to decrypt the MD5 output back into the original value. The MD5 function (on any platform) will provide a 32 bit value of whatever is passed into it. This can be a string, a file, or pages & pages of text.

MD5 is one way. Encryption is two way. With MD5 you can't reverse the output.
Was This Post Helpful? 0
  • +
  • -

#7 nahtanoJ  Icon User is offline

  • New D.I.C Head

Reputation: 1
  • View blog
  • Posts: 14
  • Joined: 05-September 10

Re: simple log in

Posted 04 December 2010 - 09:32 PM

@no2pencil Nothing about the code I posted is incorrect. You are right PASSWORD() is not a php function it is a MySQL function, I should of been more specific. The code I posted will correctly encrypt and decrypt data sent to and from the database and it stores like I said above. I never mentioned MD5 in any of my posts, maybe I misunderstood the OP
Was This Post Helpful? 0
  • +
  • -

#8 no2pencil  Icon User is online

  • Admiral Fancy Pants
  • member icon

Reputation: 5348
  • View blog
  • Posts: 27,305
  • Joined: 10-May 07

Re: simple log in

Posted 04 December 2010 - 09:44 PM

View PostnahtanoJ, on 04 December 2010 - 10:32 PM, said:

I never mentioned MD5 in any of my posts, maybe I misunderstood the OP

Hrm... I didn't see where the previous post ended & your post started. My mistake.
Was This Post Helpful? 0
  • +
  • -

#9 macosxnerd101  Icon User is offline

  • Self-Trained Economist
  • member icon




Reputation: 10596
  • View blog
  • Posts: 39,257
  • Joined: 27-December 08

Re: simple log in

Posted 04 December 2010 - 09:51 PM

@no2pencil: You probably read my post where I mentioned md5(). I did clarify that it was hashing, not encryption. :)
Was This Post Helpful? 0
  • +
  • -

#10 no2pencil  Icon User is online

  • Admiral Fancy Pants
  • member icon

Reputation: 5348
  • View blog
  • Posts: 27,305
  • Joined: 10-May 07

Re: simple log in

Posted 04 December 2010 - 09:52 PM

That's what I just said... it was all your fault.
Was This Post Helpful? 0
  • +
  • -

#11 Dormilich  Icon User is online

  • 痛覚残留
  • member icon

Reputation: 3541
  • View blog
  • Posts: 10,255
  • Joined: 08-June 10

Re: simple log in

Posted 05 December 2010 - 02:51 AM

View Postcalebj, on 05 December 2010 - 04:04 AM, said:

For a more advanced encryption I would check out how to salt a password with various tokens including the standard sha1 hash. You could do something like this:

when you salt a hash, do it properly.
$salted_hash = hash_hmac("sha1", $password, $salt);

Was This Post Helpful? 0
  • +
  • -

Page 1 of 1