sha1() - two different values?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
php3ch0
Forum Contributor
Posts: 212
Joined: Sun Nov 13, 2005 7:35 am
Location: Folkestone, Kent, UK

sha1() - two different values?

Post by php3ch0 »

Hi

I have some code that resets a users password, emails the new password to the user then hashes the password to store it in a database:

Why are the has values different when I check the users password to sign the user in

function to hash password:

Code: Select all

function hash_it($password) {

	$password = sha1($password);

	return $password;

}
Resetting users password: ( I have checked that it is updating the correct record in the database)

Code: Select all

$rapndom_word = rand(1,25);

switch($random_word) {
	case '1':
	$word = "tele";
	break;
	case '2':
	$word = "pillow";
	break;
	case '3':
	$word = "foot";
	break;
	case '4':
	$word = "super";
	break;
	case '5':
	$word = "rock";
	break;
	case '6':
	$word = "window";
	break;
	case '6':
	$word = "truck";
	break;
	case '7':
	$word = "monkey";
	break;
	case '8':
	$word = "sofa";
	break;
	case '9':
	$word = "word";
	break;
	case '10':
	$word = "bubbles";
	break;
	case '11':
	$word = "phone";
	break;
	case '12':
	$word = "dance";
	break;
	case '13':
	$word = "snow";
	break;
	case '14':
	$word = "feather";
	break;
	case '15':
	$word = "play";
	break;
	case '16':
	$word = "smile";
	break;
	case '17':
	$word = "pingu";
	break;
	case '18':
	$word = "banana";
	break;
	case '19':
	$word = "puzzle";
	break;
	case '20':
	$word = "wave";
	break;
	case '21':
	$word = "football";
	break;
	case '22':
	$word = "vase";
	break;
	case '23':
	$word = "roof";
	break;
	case '24':
	$word = "microwave";
	break;
	case '25':
	$word = "path";
	break;
	default:
	$word = "garage";
}

$random_number = rand(000, 999);

$password = $word."".$random_number;

//inserting into database
$hash_password = hash_it($password);

mysql_select_db($database_db_connect, $db_connect);
$insert_sql = "update members set password = '$hash_password' where email = '$email'";
mysql_query($insert_sql, $db_connect) or die(mysql_error());
When checking if the user is logged in:

Code: Select all

$email = format($_POST['email']);
	$password = hash_it($_POST['password']);

//die($password);

	// declaring $prev_url for redirection, if not set set to login_ok

				$prev_url = $host."members/index.php"; 
		if (!empty($_POST['prev_url'])) { 
					$prev_url = $_POST['prev_url'];
					}
				// set auth to No at beggining
				$auth = "N";
				$error = '0';
				
		if ((empty($email)) OR (empty($password))) {
				$error = '1';

				}
		
				
				
				//echo "username = ".$email."<br>";
				//echo "password = ".$password."<br>";
				
				// check username and password
				mysql_select_db($database_db_connect, $db_connect);
				//$password = md5($password);
				$query_login = "SELECT id, email, password, visits, access_level, last_visit FROM members WHERE email = '$email' AND password = '$password'";
				$login = mysql_query($query_login, $db_connect) or die(mysql_error());
				$row_login = mysql_fetch_assoc($login);
				$totalRows_login = mysql_num_rows($login);
				
				//echo "Total selected Rows = ".$totalRows_login."<br>";
				
				if ($totalRows_login <> '1') {
				
				$error = '2';
				}
				
				if ( $error == '0' ) {
				
				$auth = "Y";

// do some more login stuff
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

I would guess that $_POST['password'] contains extra characters your function does not handle. Possibly a space, carriage return or something?
User avatar
php3ch0
Forum Contributor
Posts: 212
Joined: Sun Nov 13, 2005 7:35 am
Location: Folkestone, Kent, UK

Post by php3ch0 »

ha ha

found the problem.

A duplicate record on the database.

Thanks
Post Reply