Page 1 of 1

User Registration form & login page w/ md5 password hash

Posted: Sun Mar 06, 2005 12:32 pm
by redzonne
On a user registration form, I am able store the user login and md5(password) on my mysql db. I am running into a problem of putting a script together correctly that would validate the database login and md5-ed password.

Registration page (http://www.realestatenetfind.com/agents ... _code.phps)

Login page (http://www.realestatenetfind.com/sellhome_code.phps)

Any suggestions? :cry:

Posted: Sun Mar 06, 2005 12:37 pm
by feyd
from a quick look.. the login page looks okay, other than SQL injection potentials.. What's the specific problem?

Posted: Sun Mar 06, 2005 2:04 pm
by redzonne
The problem was that with MD5 encryption the correct login and password entered was not being accepted/validated...

But, nevermind - I figured it out. The problem was in my table setting in the Mysql database. The passwords column was set VARCHAR (30) and md5 encryptions assigns encryption string 30 +.

The password encryption was saving a depricated version that ofcourse would never match the full version presented by the login script, so I just increased the VARCHAR to 50 and now the login page validation works.

Thanks lots....

Posted: Sun Mar 06, 2005 2:16 pm
by feyd
MD5 uses 32 characters in hex-hash form.