Vegeta ZA

T Thanks, fixed!

After making it insert all the hashes into the database, I made a login form which is supposed to use the original FName and Password to log into the system. I have an issue with the password field, if I insert the original password, it does not work, but if I enter the hash that it generated then it is successful. I've altered the code to make it change the string entered into a hash so that it matches the one in the database but it does not work. Can anyone tell me what I did wrong or help me correct the code? include 'DBConn.php'; mysql_select_db("test") or die ("Unable to select database!"); if(isset($_POST['FName'])){ $FName = $_POST['FName']; } if(isset($_POST['Password'])){ $Password = password_hash($Password = $_POST['Password']); } if( empty($FName) || empty($Password) ) echo "Username and Password Mandatory - from PHP"; else { $sql = "SELECT count(*) FROM tbl_User where( FName='$FName' AND Password='$Password')"; $res = mysql_query($sql); $row = mysql_fetch_array($res); if( $row[0] > 0 ) echo "Login Successful"; else echo $sql; } Here's the PDO code for reference: //insert from text file $host = 'localhost'; $dbname = 'test'; $PDO = new PDO("mysql:dbname=$dbname; host=$host"); $file = file('userData.txt'); $query = $PDO->prepare('INSERT into tbl_User(ID, FName, LName, Email, Password) values (?, ?, ?, ?, ?)'); foreach($file as $row) { $milestone = explode(';',$row); $milestone[4] = password_hash($milestone[4], PASSWORD_DEFAULT); $query->execute($milestone); } echo "Done!"; mysqli_close($DBConnect); ?>

I managed to make it work 100% using the PDO method, thanks everyone for your input!

I I've changed the code again because when I do it this way, I get everything else to work so it is easier for me to understand. I got everything working besides the hash into the database, is it possible to make it hash the passwords into the array that inserts it into the database? When I do it by using $milestone_query .= "('$milestone[0]', '$milestone[1]', '$milestone[2]', '$milestone[3]', '$milestone[4]')"; it inserts the original passwords into the database but when I do $milestone_query .= "('$milestone[0]', '$milestone[1]', '$milestone[2]', '$milestone[3]', 'password_hash($milestone[4], DEFAULT_PASSWORD)')"; it inserts the string for password_hash etc. Is it possible to make it insert the hash passwords into the database without using the PDO method and by doing it the way I am asking?

I understand what you mean, I've changed it again. Fatal error: Class 'myPDO' not found in C:\wamp\www\a1\createTable.php on line 34 for the line of code? Here's my new code:

I've changed up my code but I get this error now: Fatal error: Call to a member function execute() on a non-object in C:\wamp\www\a1\createTable.php on line 44 which is $query->execute($milestone); I'm not sure why it has a problem with the execute statement? Here's the code: //insert from text file if(isset($_POST['ID'])){ $ID = $_POST['ID']; } if(isset($_POST['FName'])){ $FName = $_POST['FName']; } if(isset($_POST['LName'])){ $LName = $_POST['LName']; } if(isset($_POST['Email'])){ $Email = $_POST['Email']; } if(isset($_POST['Password'])){ $Password = $_POST['Password']; } $file = file('userData.txt'); $query = $DBConnect->prepare('INSERT into tbl_User(ID, FName, LName, Email, Password) values ($ID, $FName, $LName, $Email, $Password)'); foreach($file as $row) { $milestone = explode(';',$row); $milestone[4] = password_hash($milestone[4], PASSWORD_DEFAULT); $query->execute($milestone); } mysql_query($milestone_query) or die(mysql_error()); echo "Done!"; mysqli_close($DBConnect);

It doesn't need to be secure because it's just work for college, they want us to do it that way so it's not going to be used for anything else so it doesn't need to do anything but just work. I'll try this method later, thank you for your input!

I have a problem inserting passwords from a text file into a database using md5 hashes. It inputs everything else from the text file as it should but I don't know how to get it to input unique hash values using the 'Password' fields from the text file. I know the problem is with the array and it is not done correctly, can anyone help me fix this? //insert from text file $Password = $_POST['Password']; $passwordmd5 = md5 ($Password); mysql_select_db("test") or die ("Unable to select database!"); $file = file('C:\wamp\www\a1\userData.txt'); # read file into array $count = count($file); if($count > 0) # file is not empty { $milestone_query = "INSERT into tbl_User(ID, FName, LName, Email, Password) values"; $i = 1; foreach($file as $row) { $milestone = explode(';',$row); $milestone_query .= "('$milestone[0]', '$milestone[1]', '$milestone[2]', '$milestone[3]', '$passwordmd5')"; $milestone_query .= $i < $count ? ',':''; $i++; } mysql_query($milestone_query) or die(mysql_error()); } echo "Done!";