I have created a database which is meant to hold user names and passwords.
I am also encrypting the passwords using sha1.
The query I use from php to the database is:
Code: Select all
SELECT user,pass FROM users WHERE user='$user' AND pass='$enpass'I have been able to retrieve the password from the database though it appears that any password I enter becomes the same value. I.E when I echo the password from the database and any password I enter and encrypt it becomes the same
'9535177bddfad577d055133cefeddedee2efc49c'
this is my encryption function
Code: Select all
function encryptpass($pass)
{
$salt1 = "#@$";
$salt2 = "%$#";
$enpass = sha1('$salt1$pass$salt2');
return $enpass;
}I have tried checking if sha1 will return a different value using
this code though it doesn't on my system
Code: Select all
<?php
function encriptpass($pass)
{
$salt1 = "#@%";
$salt2 = "%*#";
$enpass = sha1('$salt1$pass$salt2');
return $enpass;
}
if (isset($_POST['pass']))
{
$newpass = ($_POST['pass']);
$newpass=encriptpass($newpass);
echo "$newpass";
}
?>
<form method='post' action='test.php'>
<input type='text' size='12' maxlength='16' name='pass'/>
<input type='submit' size='50' value='enter value' />
</form>Please someone tell me why this would happen as it seems a bit nuts?