Page 1 of 1

Question about md5()

Posted: Wed Jan 22, 2003 8:56 pm
by WizyWyg
Im trying to work on a script for authentication for administrator rights.

I have a user table in my db that contains these rows:
userid , username , password.

The password in the table has been encrypted using md5.

Im having trouble creating the script for logging in, and taking their non-md5 password and matching it up with to the one in the db.

Anyone has an example of making a simple login script using md5 for logging in?

Or a basic explanation on how to compare what is inputed by the user and compare it to the one in the db?

Posted: Wed Jan 22, 2003 9:44 pm
by Shadough
if the password in the db is stored as md5

Code: Select all

// we have no auth as of now
$ok = false;

// if md5() value of supplied password = the db (md5) password then we have auth
if (md5($passwd) == $db_passwd) {
  /* the password matches */
  unset($ok);
  $ok = true;
}

if ($ok) {
  //auth successfull
} else {
  //auth failed
}
hth

Posted: Wed Jan 22, 2003 10:27 pm
by jason
OR, better yet, if your database is good, it should have an MD5 function built in.

SELECT rank FROM users WHERE username = 'username' AND password = MD5('password') AND status != 'banned'