ATM Posted January 19, 2007 Share Posted January 19, 2007 Ok, I'm creating a login system and I have the users passwords saved in a database. However the passwords in the database are encrypted using the password encryption included with mysql.When I compare the password the user submitted, with the encrypted password on the database they do not match.Is there anyway I can stop this from happening, I'm using php by the way.Thank You. Link to comment Share on other sites More sharing options...
pulpfiction Posted January 19, 2007 Share Posted January 19, 2007 problem might be in method to comparision password submitted be user......Which encryption function are you using? like md5() or sha1().....? it might help if you can post the SQL query used... Link to comment Share on other sites More sharing options...
ATM Posted January 19, 2007 Author Share Posted January 19, 2007 I'm not really sure, I'm using phpmyadmin and there is a 'PASSWORD' option.The method I'm using to compare them is a simple if statement.Thank you, Link to comment Share on other sites More sharing options...
jlhaslip Posted January 20, 2007 Share Posted January 20, 2007 Before you check the value of the submitted password to the one stored in the database, you will need to hash or encrypt the value similarly to the method used prior to storing it or they won't be the same. And the comparison will prove false, so the page will reject the user. Security can be just like that some times. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now