PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Tue Aug 04, 2020 3:04 pm

All times are UTC - 5 hours




Post new topic Reply to topic  [ 13 posts ] 
Author Message
PostPosted: Wed May 18, 2011 11:27 pm 
Offline
Forum Commoner

Joined: Tue Jan 04, 2011 5:58 am
Posts: 40
Hi,
i have a login page which is connected with a mysql database table called tbl_user.
Basically two fields :
user_name & pass_word.
Assume i have saved a user name called 'ABC' & my password is 'aBc123'.
The password should be case sensitive.
When i log in to the system i enter my user name 'ABC' & type my password as 'aBc123'.
But the problem is i can log in to the system when i enter 'abc123'.But my real password is 'aBc123'.So my guess is that the password should be case sensitive.

My server is:Apache/2.2.17 (Fedora)
PHP Version 5.3.6
mysql 5.1.56


Top
 Profile  
 
PostPosted: Thu May 19, 2011 3:08 am 
Offline
Forum Regular
User avatar

Joined: Wed Apr 30, 2008 2:34 am
Posts: 794


Top
 Profile  
 
PostPosted: Fri May 20, 2011 9:00 am 
Offline
Forum Contributor

Joined: Fri Dec 24, 2010 1:48 am
Posts: 143
Location: India
Hi,U can use md5 also for encrypting the password....Never store raw password in database.Hope that it helps..


Top
 Profile  
 
PostPosted: Fri May 20, 2011 11:37 am 
Offline
DevNet Master
User avatar

Joined: Sun Feb 15, 2009 12:08 pm
Posts: 2794
Location: .za

_________________
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering


Top
 Profile  
 
PostPosted: Fri May 20, 2011 12:10 pm 
Offline
Forum Regular
User avatar

Joined: Wed Mar 05, 2008 11:23 pm
Posts: 732
Location: Sunriver, OR


Top
 Profile  
 
PostPosted: Fri May 20, 2011 4:50 pm 
Offline
Forum Regular
User avatar

Joined: Wed Apr 30, 2008 2:34 am
Posts: 794


Top
 Profile  
 
PostPosted: Fri May 20, 2011 4:59 pm 
Offline
Forum Regular
User avatar

Joined: Wed Apr 30, 2008 2:34 am
Posts: 794


Top
 Profile  
 
PostPosted: Wed Jul 13, 2011 2:53 pm 
Offline
Forum Newbie

Joined: Wed Jul 13, 2011 2:39 pm
Posts: 13
Never post what algorithm you are using either!

But yes, use a sha256 or sha512 - just make sure the column supports the proper width (eg. 64)


Top
 Profile  
 
PostPosted: Thu Jul 14, 2011 3:21 am 
Offline
DevNet Master
User avatar

Joined: Sun Feb 15, 2009 12:08 pm
Posts: 2794
Location: .za

_________________
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering


Top
 Profile  
 
PostPosted: Thu Jul 14, 2011 7:16 am 
Offline
Forum Newbie

Joined: Wed Jul 13, 2011 2:39 pm
Posts: 13
and also have to worry about security with malicious people lurking the boards


Top
 Profile  
 
PostPosted: Thu Jul 14, 2011 8:04 am 
Offline
DevNet Master
User avatar

Joined: Sun Feb 15, 2009 12:08 pm
Posts: 2794
Location: .za
Mentioning hash lengths should also be taboo then ;)

_________________
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering


Top
 Profile  
 
PostPosted: Tue Sep 13, 2011 3:45 am 
Offline
Forum Contributor
User avatar

Joined: Thu Oct 29, 2009 6:48 am
Posts: 239
Location: UK
If you know the algorithm being used, you know the length.

As everyone has been saying, hash passwords before storing. Then when the user enters a password into your form, this is then hashed and COMPARED with the stored hash. Hashes are case-sensitive, as your original requirement stated.

Check out Mordred's tutorial:

viewtopic.php?t=62782


Top
 Profile  
 
PostPosted: Wed Sep 14, 2011 3:12 am 
Offline
DevNet Master
User avatar

Joined: Wed Jun 27, 2007 9:44 am
Posts: 4313
Location: Sofia, Bulgaria

_________________
There are 10 types of people in this world, those who understand binary and those who don't


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 13 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 18 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group