logo
down
shadow

How to login the page using after hashing password


How to login the page using after hashing password

By : Darryl
Date : November 18 2020, 03:49 PM
may help you . Your are comparing the hashed/salted password with the text-password.
For example: 5a44e87906e4e5dbf7991d5784fd56f14dc426aafbd8dbb7b1e0953e1399f2ad is not equals foo
code :
// Get values from form
$fullname=$_POST['userid'];
$username=$_POST['username'];
$email=$_POST['uemail'];
$password=$_POST['passid'];
$birthdate=$_POST['birthdate'];
$country=$_POST['mytextarea'];
$hash = hash('sha256', $password);

function createSalt()
{
    return '2123293dsj2hu2besdbsjdsd';
}

$salt = createSalt();
$password = hash('sha256', $salt . $hash);
// Insert data into mysql
$sql="INSERT INTO tbl_registration(`fullname`,`username`,`email`,`password`,`birthdate`, `country`) VALUES('{$fullname}', '{$username}', '{$email}', '{$password}', '{$birthdate}', '{$country}' )";
$result=mysql_query($sql);
// userName and password sent from form
$myusername=$_POST['username'];
$mypassword=$_POST['password'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$salt = createSalt();
$hash = hash('sha256', $mypassword);
$mypassword = hash('sha256', $salt . $hash);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1 ){
    if(crypt($password, $row['Password']) == $row['Password'])
    {       
        header("location:index.php");
        exit();
    }
}
else {
    //echo "Wrong Username or Password";
    header("Location:login.php?errorMssg=".urlencode("Wrong Username or Password"));
}

function createSalt()
{
    return '2123293dsj2hu2besdbsjdsd';
}


Share : facebook icon twitter icon
password hashing / login

password hashing / login


By : Khawla Mammad
Date : March 29 2020, 07:55 AM
this one helps. My advice to you is to look for a library/framework that does this for you. Many frameworks will automatically and correctly take care of this kind of thing under the hood for you, often including roles based authorization. Authentication and Authorization aren't immensely difficult to get right, but they're hard enough that you should try to avoid doing it yourself unless you're doing it as a learning exercise.
As for the correctness of your code, I think you need to use the salt matching the stored password on your account name to compare passwords. You should be looking up the password hash for the given username in the database, retrieving the salt from that password hash (which you correctly appended) then using the retrieved salt on the supplied password to get a hash. You then string compare the hash with the stored hash to authenticate.
Hashing a password PHP Login not working

Hashing a password PHP Login not working


By : Elisabeth Mansfield
Date : March 29 2020, 07:55 AM
may help you . In your login code, you need to compare the MD5 hashed version of the entered password with the MD5 hashed version you are storing. If the hashes match, the password matches.
The simplest way to achieve this would be to hash the entered password just before comparing it in the exact same way as you are in the register code:
code :
$query = "SELECT user,pass FROM members WHERE user='$user' AND pass='".md5($pass)."'";
Hashing password and login

Hashing password and login


By : user3046749
Date : March 29 2020, 07:55 AM
I wish this help you All password_verify() needs is the user's password and the hash from the database. You don't need to hash anything yourself again.
Instead, you should just use:
code :
if(password_verify($password, $res["password"])){
// or
if(password_verify($_POST['password'], $res["password"])){
After hashing a password in Django, I cannot login as my password is unhashed

After hashing a password in Django, I cannot login as my password is unhashed


By : Katie Goodwin
Date : March 29 2020, 07:55 AM
Does that help I think your profile form is mismatch...
your UserProfileForm clean_password return '' string. which should not be like this.
New hashing of password - redirect users to password reset on login attempt

New hashing of password - redirect users to password reset on login attempt


By : Shawn Warner
Date : March 29 2020, 07:55 AM
will be helpful for those in need I suggest that you create a middleware ( EnsurePasswordIsAdded as an example ) for your case and not include the verification process in a controller, because a controller usually contains functions that interact either a database or an external API to provide a response to the user which is not the case for you, you're just filtering/verifying the request.
here's the documentation link about middlewares in Laravel:
code :
 public function handle($request, Closure $next)
 {
    if ( !User::find($request->email)->hasPassword() ) {
        return redirect('password-reset')->with('email',$request->email);
    }
    return $next($request);
 }
Related Posts Related Posts :
  • Dynamic image for user's ID
  • How to only upload specific parts of HTML form with PHP?
  • Dynamic PHP string as MySQL table name
  • What is the error in my query?
  • PHP Upstart on Amazon EC2 Linux (Elasticbeanstalk)
  • how to print dynamic variable value in php
  • php mysql insert values and select
  • uploading image in codeigniter controller
  • Converting htaccess to nginx for counter
  • how can I show my signal transaction data as project name
  • php raspberry pi trying to change pi date
  • PHP and mysql, SELECT query return null
  • Unable to store Date values in php mysql table that are existing in excel file
  • Can we include 2 Mail() functions in 1 Page?
  • Problems with chinese characters
  • How to apply a function to every foreach result?
  • Use of CONCAT in FROM clause
  • Tag endpoint combined with user endpoint with Instagram API
  • create dynamic time in php and mysql
  • How to break zero index comma separated value into individual string in php
  • PHP Login session and echoing username
  • PHP : Difference b/w new self and new object()
  • Turkish character issue while inserting into MySQL database with PHP
  • Insert data from one DB into another on a different server - servers not linked
  • Sorting an array of strings using values alphabetically and considering the cases of values in PHP
  • Unable to solve .htaccess url rewriterule, gives 404 for all pages
  • Dual URL Rewrite In PHP
  • How to change value of cdata inside a .xml file and then again save it using php
  • Using filters from other classes within rules method in Yii 2?
  • json_decode syntax error from valid json
  • PHP get directory of included file on Virtualhost
  • RSA in php is confusing
  • Order in order without using events
  • How do I download a batch of pictures from URLs stored in a MySQL database
  • How to find pattern matching and save to array with preg_match
  • laravel4 data is not inserting in a single field
  • How can i merge Rows of An HTML table fetched from Mysql
  • How to get the duplicate values in array?
  • Add "."(dot) in a Numbers
  • Zend 2 multiple layouts for 1 module setup
  • PHP - Codeigniter : Uncaught exception 'PHPExcel_Reader_Exception' with message 'Could not open for reading, File does n
  • PHP Form Troubles
  • How to use if condition in my wordpress shortcode
  • Amazon S3 Data retrieval in URL for all the images in bucket
  • Convert Bangla date to standard English date
  • In Jquery how to redirect to another page?
  • Building an ecommerce site using Laravel: How do I view/route products based on their ID?
  • My kg and lbs conversion is always off by significant amount
  • How to use loop in comment section
  • Jqgrid with Datepicker
  • How to prevent opening an authenticated php web page?
  • phpexcel - Making file to download rather than saving in the server
  • Send radio box value with $_POST
  • Volley: How to extract JSONObject from String Response? Is it possible?
  • Adding Image to the Excel in phpexcel in php
  • Pass an array to Redirect::action in laravel
  • display file name in while loop without url
  • Snow by date php
  • How to Replace a value in SQL only to a certain extent
  • How do I use HTML & PHP forms to insert data into a database?
  • shadow
    Privacy Policy - Terms - Contact Us © ourworld-yourmove.org