Apache Friends Support Forum

[arjita]

Hi All,

I am trying to encrypt a password that the user enters ,and then compare it to a hard coded value.I want that when the user types in the passwords it appears like stars/dots ..like in a generic login page.

$password =md5($_POST['password']);
(I tried using the crypt function aswell..doesnt help )

and then

if ($password == "Arjita").

Pleaseeee help!

Thanks in advance

[Wiedmann]

It make no sense to store an encrypted string (the entered password) in a variable, and then compare this variable with an unencrypt string (hardcoded password). This can't work.
--> The hardcoded password must also be encrypted. (or use the entered password unencrypted)

[arjita]

I know..But I am not sure how to do it.I would want to encyprt the hardcoded password then to enetered the password unencrypted.

Thanks

[glitzi85]

Hello Arjita,

it is not possible to encrypt an md5-crypted hash (maybe if you work for the NSA and have enough time). That's the sense of the Oneway Hashing Functions.

You should save the crypted password in a file, Database or even in your PHP-File, crypt the entered passwort and compare it with the saved password.

Code: Select all

<?php
$password = "0993c6f9e49d8f505d0667274ff4f2fe";
if(md5($_POST['password']) == $password){
 echo "Welcome Arjita";
}else{
 echo "You are not Arjita";
}
?>

In this case nobody can log in even if he know the upper String (0993...).

glitzi