MD5 Password Encryption ..
Posted: Sat Sep 20, 2008 1:56 pm
Hii...
i've encrypted my password and inserted it into the database table, but when i tries to retrieve it i'm getting login failure..i'm herewith posting my source code..kindly go thru this and do the needful..
the passwords inserted are being successfull md5 encrypted but when i'm matching the entered password in the form with the original md5 password in database,i'm unable to login..
kindly do the needful..awaiting for ur reply guys..
i've encrypted my password and inserted it into the database table, but when i tries to retrieve it i'm getting login failure..i'm herewith posting my source code..kindly go thru this and do the needful..
the passwords inserted are being successfull md5 encrypted but when i'm matching the entered password in the form with the original md5 password in database,i'm unable to login..
Code: Select all
<?php
//Connect to mysql server
$link=mysql_connect("localhost","root","");
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db=mysql_select_db("trrcollege");
if(!$db) {
die("Unable to select database");
}
//Sanitize the value received from login field
//to prevent SQL Injection
if(!get_magic_quotes_gpc()) {
$username=mysql_real_escape_string($_POST['username']);
}else {
$username=$_POST['username'];
}
$username = $_POST["username"];
$password = md5($_POST["password"]);
//Create query
$query="SELECT * FROM login WHERE username='" . mysql_real_escape_string($username) . "' AND password='".md5($_POST['password'])."'";
//require_once('attempt.log.class.php');
$result=mysql_query($query);
$rows2=mysql_fetch_array($result);
if($rows2["password"] == $password && $rows2["username"] == $username )
{
if(mysql_num_rows($result)>0)
{
//Login Successful
session_start();
$start=time();
$_SESSION['time_start']=$start;
$_SESSION['username']=$username;
$_SESSION['password']=$password;
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
session_register('username');
session_register('password');
session_register('time_start');
session_regenerate_id();
session_write_close();
include "session.php";
include "scsession.php";
include("class_session.inc.php");
header("Location: redirect.php");
exit();
}
else {
//Login failed
require_once('attempt.log.class.php');
session_unset();
session_destroy();
header("location: loginfail.htm");
exit();
}
}
else{
require_once('attempt.log.class.php');
session_unset();
session_destroy();
header("location: loginfail.htm");
}
?>