stackoom
  简体   繁体   中英

PHP md5 hashing not working

 原文  2012-12-07 21:41:43       php/ md5

Question

I've got the following PHP code which is used for registering to a website. I'm trying to hash the passwords for security but whenever I submit a dummy registration the passwords are not hashed in phpMyAdmin. They appear normal. Here is my code: 

<?php

//get the values from the form
$Name = $_POST['name'];
$Username = $_POST['username'];
$Password = $_POST['password'];
$RepeatPassword = $_POST['repeatpassword'];

//encrypt the passwords
md5($Password);
md5($RepeatPassword);

//query the database
$query = "INSERT INTO users VALUES ('', '$Name', '$Username', '$Password')";

if (!mysql_query($query)) {

die('Error ' . mysql_error() . ' in query ' . $query);
} 

//check passwords match
if ($Password !== $RepeatPassword) {
echo "Your passwords do not match. <a href='login.php'>Return to login page</a>";

}

//check to see if fields are blank
if ($Name=="") {
echo "Name is a required field. <a href='login.php'>Return to login page</a>";
}

else if ($Username=="") {
echo "Username is a required field. <a href='login.php'>Return to login page</a>"; 
}

else if ($Password=="") {
echo "Password is a required field. <a href='login.php'>Return to login page</a>";
}

else if ($RepeatPassword=="") {
    echo "Repeat Password is a required field. <a href='login.php'>Return to login page</a>";
}

else {
    $_SESSION["message"] = "You have successfully registered! Please login using your username and password.";
    header("Location: login.php");
}
?>

The tutorials I have read online have all said to do it as per the above. I've tried putting the two lines of md5 code in numerous places but to no avail.

3 answers

solution1
 9 ACCPTED  2012-12-07 21:43:05

md5($Password);
md5($RepeatPassword);

This code basically does nothing. You want: 

$Password = md5($Password);
$RepeatPassword = md5($RepeatPassword);

But ultimately, MD5 doesn't do much for security. Consider bcrypt , stop using the mysql_* functions, and start learning about SQL injection attacks.

solution2
 2  2012-12-07 21:42:48

You're not doing anything with the return value of the functions. It should be:

$Password = md5($Password);

$RepeatPassword = md5($RepeatPassword);

solution3
 -2  2013-04-29 01:35:29

It's not working because you're not assigning your md5 to a variable. Do something like this:

$Password = md5($Password);

$RepeatPassword= md5($RepeatPassword);

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PHP MD5 hashing Password hashing in php MD5 PHP - MD5, SHA, Hashing security C# MD5 hashing needs to match PHP MD5 hashing (with salt) PHP MD5 not working correctly PHP MD5 not working in if statement PHP hashing files, CRC32b or MD5 is better? MD5 Hashing between VB.net and PHP PHP: Is there any practical limit to the length of the input string for MD5 hashing? Load binary JPEG image data into PHP variable for MD5 hashing
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM