Page 1 of 1

Problem with password code

Posted: Sat Aug 19, 2006 3:03 pm
by chrchcol
I am trying to rereate a script I had seen somewhere a while ago. It basically has an input box that will input a password push it to another script, take the password and output the md5 version of the password.

Here is the generate.php

Code: Select all

<html>
<head>
<title>Password Creator</title>
</head>
<body>
<form action=generate_passwords.php method=post>
<h3>Enter a password to create MD5 based passwords.</h3>
Password: <input type="text" name="password">
<input type="submit" name="create" value="Create Passwords!">
</form>

</body>
</html>
This seems to work fine.

Here is the generate_passwords.php

Code: Select all

<? 
if(isset($password)) {        
  ?>
  <h$> The passwords for "<?=$password?>" are:</h3>
  <ul>
  <li><b>MD5:</b> <?=md5 ($password) ?>
  
  </ul>
  <?
}
?>
I can't seem to find the issue with this.

It opens generate_passwords.php but it does not show anything.

Posted: Sat Aug 19, 2006 3:23 pm
by Oren
I guess that this script is pretty old... from the time when register_globals was set to on by default.

Change this:

Code: Select all

$password
Into this:

Code: Select all

$_POST['password']
P.S Wrap your PHP code with the

Code: Select all

tags

Posted: Sat Aug 19, 2006 3:33 pm
by Oren
Also don't use short tags: <?=
Instead, do it like this:

Code: Select all

<?php echo $_POST['password']; ?>
Note that this is a security concern to print user input that way, but this is for another topic.

P.S If you want to know what's wrong with using short tags go here: http://phpbook.quantum-star.com/doku.ph ... arted#tags

Posted: Sat Aug 19, 2006 3:58 pm
by chrchcol
Ok so now I have this

Code: Select all

<? 
<?php echo $_POST['password']; ?>  
  ?>
  <h$> The passwords for "<?=$password?>" are:</h3>
  <ul>
  <li><b>MD5:</b> <?=md5 ($password) ?>
  
  </ul>
  <?
}
?>
Its still not working. I am still quite new at this and I appreciate any help you can give. As far as security, this is a script for me to use locally only.

Chris

Posted: Sat Aug 19, 2006 4:10 pm
by chrchcol
I also tried it this way

Code: Select all

<? 
$pass=$_POST['password'];
  The passwords for "$pass" are:
  <ul>
  <li><b>MD5:</b> <?=md5 ($pass) ?>
  
  </ul>
?>

Posted: Sat Aug 19, 2006 4:26 pm
by Oren

Code: Select all

<?php

	if (isset($_POST['password']))
	{
		echo 'The password: ' . md5($_POST['password']);
	}

Posted: Sat Aug 19, 2006 4:33 pm
by chrchcol
Thank you so much that saved me a lot of work.

However being the person I am I got past several problems with the first one, except one line of code gave an error saying there was an invalid < I have to figure it out now its almost a vindeta

Here is the code I modified


Code: Select all

<?
function checkOK($field)
{
if (eregi("\r",$field) || eregi("\n",$field)){
die("Invalid Input!");
}
}


$password=$_POST['password'];
checkOK($password);
 echo "The passwords for $password are:";
  
  <b>MD5:</b> =md5 ($password) 
  
  
?>

Posted: Mon Aug 21, 2006 4:53 am
by bmcewan
You had closed your echo statement early so the parse error happened when it got to

Code: Select all

<b>MD5:</b>
it should look somrthing like;

Code: Select all

<?php
function checkOK($field)
{
    if (eregi("\r",$field) || eregi("\n",$field)) {
        die("Invalid Input!");
    }
}


$password=$_POST['password'];
checkOK($password);
echo "The passwords for $password are: <br>
<b>MD5:</b> =".md5 ($password);
?>