
md5 password


danposs86


I have the line:

if ($row['member_login_key'] == $u_password)

member_login_key is an md5 hash. What I want is to make the string $u_password into an md5 hash (hope I am using the right terminology!). I have tried:

if ($row['member_login_key'] == md5($u_password))

but it doesn't appear to work. Any ideas?


I'm not sure how your code picks up the password, but here's something that may help.

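<?php
// Hash the submitted password before comparing it with the stored hash
$u_password = md5($_POST['u_password']);
// Escape the user name before it goes into the query (needs an open connection)
$u_name = mysql_real_escape_string($_POST['u_name']);
$info = mysql_query("SELECT * FROM users WHERE username = '$u_name'") or die(mysql_error());
$row = mysql_fetch_array($info);
if ($row['member_login_key'] == $u_password) {
    // password matches
}
?>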


This is all the script:

<?php
# Simple password protection
#
# (c) http://www.phpbuddy.com
# Author: Ranjit Kumar
# Feel free to use this script but keep this message intact!
#
# To protect a page include this file in your PHP pages!

session_start();

//you can change the username and password by changing the above two strings

if (!isset($HTTP_SESSION_VARS['user'])) {

    if(isset($HTTP_POST_VARS['u_name']))
        $u_name = $HTTP_POST_VARS['u_name'];

    if(isset($HTTP_POST_VARS['u_password']))
        $u_password = $HTTP_POST_VARS['u_password'];

    if(!isset($u_name)) {
        ?>
        <HTML>
        <HEAD>
        <TITLE><?php echo $HTTP_SERVER_VARS['HTTP_HOST']; ?> : Authentication Required</TITLE>
        </HEAD>
        <BODY bgcolor=#ffffff>
        <table border=0 cellspacing=0 cellpadding=0 width=100%>
             <TR><TD>
             <font face=verdana size=2><B>(Access Restricted to Authorized Personnel)</b> </font></td>
             </tr></table>
        <P></P>
        <font face=verdana size=2>
        <center>
        <?php
        $form_to = "http://$HTTP_SERVER_VARS[HTTP_HOST]$HTTP_SERVER_VARS[PHP_SELF]";

        if(isset($HTTP_SERVER_VARS["QUERY_STRING"]))
        $form_to = $form_to ."?". $HTTP_SERVER_VARS["QUERY_STRING"];

        ?>
        <form method=post action=<?php echo $form_to; ?>>
        <table border=0 width=350>
        <TR>
        <TD><font face=verdana size=2><B>User Name</B></font></TD>
        <TD><font face=verdana size=2><input type=text name=u_name size=20></font></TD></TR>
        <TR>
        <TD><font face=verdana size=2><B>Password</B></font></TD>
        <TD><font face=verdana size=2><input type=password name=u_password size=20></font></TD>
        </TR>
        </table>
        <input type=submit value=Login></form>
        </center>
        </font>
        </BODY>
        </HTML>

        <?php
        exit;
    }
    else {

        function login_error($host,$php_self) {
            echo "<HTML><HEAD>
            <TITLE>$host :  Administration</TITLE>
            </HEAD><BODY bgcolor=#ffffff>
            <table border=0 cellspacing=0 cellpadding=0 width=100%>
                 <TR><TD align=left>
                 <font face=verdana size=2><B>  You Need to log on to access this part of the site!
                 </b> </font></td>
                 </tr></table>
            <P></P>
            <font face=verdana size=2>
            <center>";

            echo "Error: You are not authorized to access this part of the site!
            <B><a href=$php_self>Click here</a></b> to login again.<P>
            </center>
            </font>
            </BODY>
            </HTML>";
            session_unregister("adb_password");
            session_unregister("user");
            exit;
        }

        $user_checked_passed = false;
        mysql_connect("localhost", "xxx", "xxx");
        mysql_select_db("xxx");

        if (isset($HTTP_SESSION_VARS['adb_password']) && isset($HTTP_SESSION_VARS['user'])) {

            $adb_session_password = $HTTP_SESSION_VARS['adb_password'];
            $session_user = $HTTP_SESSION_VARS['user'];

            $result = mysql_query("SELECT member_login_key FROM ibf_members WHERE name='".mysql_real_escape_string($session_user)."'");
            if ($row = mysql_fetch_assoc($result))
            {
              if ($row['member_login_key'] == $adb_session_password)
                $admin = true;
              else
                $admin = false;
            }
            else
              $admin = false;

            if (!$admin)
                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);
            else {
                $user_checked_passed = true;
            }
        }

        if($user_checked_passed == false) {

            $result = mysql_query("SELECT member_login_key FROM ibf_members WHERE name='" . mysql_real_escape_string($u_name) . "'");
            if ($row = mysql_fetch_assoc($result))
            {
              if ($row['member_login_key'] == $u_password)
                $admin = true;
              else
                $admin = false;
            }
            else
              $admin = false;

            if (!$admin)
                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);

            session_register("adb_password");
            session_register("user");

            $adb_password = $u_password;
            $user = $u_name;

            $page_location = $HTTP_SERVER_VARS['PHP_SELF'];
            if(isset($HTTP_SERVER_VARS["QUERY_STRING"]))
            $page_location = $page_location ."?". $HTTP_SERVER_VARS["QUERY_STRING"];

            header ("Location: ". $page_location);
        }
    }
}
?>

I want to sort out the lines:

if ($row['member_login_key'] == $adb_session_password)

and

if ($row['member_login_key'] == $u_password)


I commented the lines that I edited. Hope it works... Hooch

<?PHP
# Simple password protection
#
# (c) http://www.phpbuddy.com
# Author: Ranjit Kumar
# Feel free to use this script but keep this message intact!
#
# To protect a page include this file in your PHP pages!

session_start();

//you can change the username and password by changing the above two strings

if (!isset($HTTP_SESSION_VARS['user'])) {

    if(isset($HTTP_POST_VARS['u_name']))
        $u_name = $HTTP_POST_VARS['u_name'];

    if(isset($HTTP_POST_VARS['u_password']))
        //*************************Changed line below*************************//
        $u_password = md5($HTTP_POST_VARS['u_password']);

    if(!isset($u_name)) {
        ?>
        <HTML>
        <HEAD>
        <TITLE><?php echo $HTTP_SERVER_VARS['HTTP_HOST']; ?> : Authentication Required</TITLE>
        </HEAD>
        <BODY bgcolor=#ffffff>
        <table border=0 cellspacing=0 cellpadding=0 width=100%>
             <TR><TD>
             <font face=verdana size=2><B>(Access Restricted to Authorized Personnel)</b> </font></td>
             </tr></table>
        <P></P>
        <font face=verdana size=2>
        <center>
        <?php
        $form_to = "http://$HTTP_SERVER_VARS[HTTP_HOST]$HTTP_SERVER_VARS[PHP_SELF]";

        if(isset($HTTP_SERVER_VARS["QUERY_STRING"]))
        $form_to = $form_to ."?". $HTTP_SERVER_VARS["QUERY_STRING"];

        ?>
        <form method=post action=<?php echo $form_to; ?>>
        <table border=0 width=350>
        <TR>
        <TD><font face=verdana size=2><B>User Name</B></font></TD>
        <TD><font face=verdana size=2><input type=text name=u_name size=20></font></TD></TR>
        <TR>
        <TD><font face=verdana size=2><B>Password</B></font></TD>
        <TD><font face=verdana size=2><input type=password name=u_password size=20></font></TD>
        </TR>
        </table>
        <input type=submit value=Login></form>
        </center>
        </font>
        </BODY>
        </HTML>

        <?php
        exit;
    }
    else {

        function login_error($host,$php_self) {
            echo "<HTML><HEAD>
            <TITLE>$host :  Administration</TITLE>
            </HEAD><BODY bgcolor=#ffffff>
            <table border=0 cellspacing=0 cellpadding=0 width=100%>
                 <TR><TD align=left>
                 <font face=verdana size=2><B>  You Need to log on to access this part of the site!
                 </b> </font></td>
                 </tr></table>
            <P></P>
            <font face=verdana size=2>
            <center>";

            echo "Error: You are not authorized to access this part of the site!
            <B><a href=$php_self>Click here</a></b> to login again.<P>
            </center>
            </font>
            </BODY>
            </HTML>";
            session_unregister("adb_password");
            session_unregister("user");
            exit;
        }

        $user_checked_passed = false;
        mysql_connect("localhost", "xxx", "xxx");
        mysql_select_db("xxx");

        if (isset($HTTP_SESSION_VARS['adb_password']) && isset($HTTP_SESSION_VARS['user'])) {

            //*************************Changed line below*************************//
            $adb_session_password = md5($HTTP_SESSION_VARS['adb_password']);
            $session_user = $HTTP_SESSION_VARS['user'];

            $result = mysql_query("SELECT member_login_key FROM ibf_members WHERE name='".mysql_real_escape_string($session_user)."'");
            if ($row = mysql_fetch_assoc($result))
            {
              if ($row['member_login_key'] == $adb_session_password)
                $admin = true;
              else
                $admin = false;
            }
            else
              $admin = false;

            if (!$admin)
                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);
            else {
                $user_checked_passed = true;
            }
        }

        if($user_checked_passed == false) {

            $result = mysql_query("SELECT member_login_key FROM ibf_members WHERE name='" . mysql_real_escape_string($u_name) . "'");
            if ($row = mysql_fetch_assoc($result))
            {
              if ($row['member_login_key'] == $u_password)
                $admin = true;
              else
                $admin = false;
            }
            else
              $admin = false;

            if (!$admin)
                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);

            session_register("adb_password");
            session_register("user");

            $adb_password = $u_password;
            $user = $u_name;

            $page_location = $HTTP_SERVER_VARS['PHP_SELF'];
            if(isset($HTTP_SERVER_VARS["QUERY_STRING"]))
            $page_location = $page_location ."?". $HTTP_SERVER_VARS["QUERY_STRING"];

            header ("Location: ". $page_location);
        }
    }
}
?>


What I am trying to do is create a login system on a website that uses the same username and password as a forum (Invision Power Board v2.2.1). So the 'member_login_key' is generated when a user first registers with the forum. The only thing I can think of is that 'member_login_key' isn't actually the password, or it isn't actually generated using md5?


More investigating: I created a test user with the password "test123" (original, I know, lol). Anyway, I then typed this into an md5 generator online and got this: cc03e747a6afbbcbf8be7668acfebee5. However, member_login_key is: 4a75eabdad08c6ecd83af1f364e127c2. So obviously I am either barking up the wrong field, or it uses something that isn't md5.


Also, about the changes from Hooch, you will not want to hash both the password from $_POST and $_SESSION. Do not hash the session password, because you are saving the already-hashed password in the session. Hashing it again would produce a different value.


I'm confused as to how the same password is getting hashed twice with the code I added. To my knowledge I am hashing 2 different password entries. I understand they could be the same password, but when "u_password" is hashed, I don't see how this is hashing "adb_password". Waiting to learn from the master.... Hooch :)


Well, the password from POST when the user logs in gets set here:

if(isset($HTTP_POST_VARS['u_password']))
    $u_password = md5($HTTP_POST_VARS['u_password']);

So, $u_password is an md5 hash. Then, lower down when the login is checked, the password gets saved in the session here:

session_register("adb_password");
session_register("user");

$adb_password = $u_password;
$user = $u_name;

So, now $_SESSION['adb_password'] has the same hashed password from POST. So the password in $_SESSION is already hashed. So when you read the password from the session here:

if (isset($HTTP_SESSION_VARS['adb_password']) && isset($HTTP_SESSION_VARS['user'])) {
    $adb_session_password = md5($HTTP_SESSION_VARS['adb_password']);

You are hashing it again, so it is a hash of a hash, which is going to be different than the value you are checking against. So you don't want to hash the password from the session, you just want to store the value in the session into the $adb_session_password variable. You would only hash the password in the session if you were storing the plain-text password in the session, but the password you are storing in this case has already been hashed when you save it; you don't need to do it again when you read it.
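The flow described in the reply above, as an added example that is not part of the original thread. The `$users` array is constructed data standing in for the `ibf_members` lookup, a plain array stands in for `$_SESSION`, and the function names `login` and `session_ok` are hypothetical.

```php
<?php
// Added example, not from the thread. Constructed data: one user whose stored
// value is assumed to be md5(password), as the script in the thread expects.
$users = array('tester' => md5('test123'));

// Login: the submitted password is hashed once, compared with the stored
// hash, and on success the hash itself is what goes into the session.
function login(array $users, array &$session, $name, $password)
{
    $hashed = md5($password);
    if (!isset($users[$name]) || !hash_equals($users[$name], $hashed)) {
        return false;
    }
    $session['user'] = $name;
    $session['adb_password'] = $hashed; // already a hash at this point
    return true;
}

// Re-check on later requests. With $rehash = true this mirrors the edited
// script: md5() is applied to a value that is already md5(password).
function session_ok(array $users, array $session, $rehash)
{
    if (!isset($session['user'], $session['adb_password'])) {
        return false;
    }
    $name = $session['user'];
    $candidate = $rehash
        ? md5($session['adb_password'])
        : $session['adb_password'];
    return isset($users[$name]) && hash_equals($users[$name], $candidate);
}

$session = array(); // stands in for $_SESSION
$loggedIn = login($users, $session, 'tester', 'test123');
$rehashed = session_ok($users, $session, true);
$asStored = session_ok($users, $session, false);

printf("login accepted:              %s\n", var_export($loggedIn, true));
printf("session check, hashed again: %s\n", var_export($rehashed, true));
printf("session check, value as is:  %s\n", var_export($asStored, true));
```

The re-hashed check compares md5(md5(password)) with md5(password), so it rejects the session that the login step has just created.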


I thought md5 was 36 characters; that member login key is only 32. Perhaps it's a randomly generated string by Invision Power Board, in which case you should have access to the source code, meaning you could find where it is generated and submit it to your own personal database at the same time, giving you access to it from your own site.
