MD5 Implementation in PHP

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
anp2416
Forum Newbie
Posts: 2
Joined: Sun Oct 21, 2007 11:52 pm

MD5 Implementation in PHP

Post by anp2416 »

Hello,
I am developing a website, which has an "index.php" page which has a login associated with a form. In this page, there is a function "Validate" which checks for the blank user name and password. The form action field is associated with "login_chk.php" , so on clicking the login button, the form is posted to "login_chk.php" in which the user name and passwords are checked with the database.

Now I want to know, where should I implement MD5 hashing , so that user name and password travels in encrypted form?

Thank you
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Post by Kieran Huggins »

Here's a Javascript MD5 (among other hashing algorithms):
http://pajhome.org.uk/crypt/md5/

And on the same site, the challenge/response login system you're looking for:
http://pajhome.org.uk/crypt/md5/auth.html
anp2416
Forum Newbie
Posts: 2
Joined: Sun Oct 21, 2007 11:52 pm

MD5 Implementation in PHP

Post by anp2416 »

Hello,
But where should I implement the MD5 hashing - in index.php or in login_chk.php.

Thank you
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

md5() is a built-in function. Unless you have an odd configuration it should be available anywhere in PHP.
Post Reply