MD5 encryption problems

MD5 encryption problems

am 27.04.2006 06:44:42 von Frank R

This is a multi-part message in MIME format.

------=_NextPart_000_0005_01C6698B.64E7EED0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hi, all I was trying to add md5 encryption to all of my scripts that
needed username and password info entered into the db well every thing
goes smoothly until I try and login.

I encrypt it when it goes in and before I check it after I sent the
login information I encrypted it again but yet it still will not check
right it wont veryify that the information is fright for instance.


//////// login example ////////

Include ("config.php');

$user = $_POST["user"];

$pass = $_POST["pass"];

$pass = md5($pass);

$login = mysql_query("SELECT * FROM admin_guestbook WHERE
username='$user' AND password='$pass'");

$login_check = mysql_num_rows($login);

if($login_check > 0){

session_register('user');

$_SESSION['user'] = $user;

session_register('password');

$_SESSION['pass'] = $pass;

header ("Location:admin_page.php");

}

else {

print "You are not logged in You entered the wrong username
and password combination please try again";

include "admin.php";

}

?> and when I run the check it wont login



Frank R. Jr.




------=_NextPart_000_0005_01C6698B.64E7EED0
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns=3D"http://www.w3.org/TR/REC-html40">


charset=3Dus-ascii">









style=3D'font-size:10.0pt;
font-family:Arial'>Hi, all I was trying to add md5 encryption to all of =
my
scripts that needed username and password info entered into the db well =
every
thing goes smoothly until I try and login.



style=3D'font-size:10.0pt;
font-family:Arial'>I encrypt it when it goes in and before I check it =
after I sent
the login information I encrypted it again but yet it still will not =
check
right it wont veryify that the information is fright for =
instance.



style=3D'font-size:10.0pt;
font-family:Arial'><?



style=3D'font-size:10.0pt;
font-family:Arial'>//////// login example =
////////



style=3D'font-size:10.0pt;
font-family:Arial'>Include =
(“config.php’);



style=3D'font-size:10.0pt;
font-family:Arial'>$user =3D =
$_POST[“user”];



style=3D'font-size:10.0pt;
font-family:Arial'>$pass =3D =
$_POST[“pass”];



style=3D'font-size:10.0pt;
font-family:Arial'>$pass =3D md5($pass);



style=3D'font-size:10.0pt;
font-family:Arial'>$login =3D mysql_query("SELECT * FROM =
admin_guestbook
WHERE username=3D'$user' AND =
password=3D'$pass'");



style=3D'font-size:10.0pt;
font-family:Arial'>$login_check =3D =
mysql_num_rows($login);



style=3D'font-size:10.0pt;
font-family:Arial'>if($login_check > 0){



style=3D'font-size:10.0pt;
font-family:Arial'>         =
   session_register('user');



style=3D'font-size:10.0pt;
font-family:Arial'>         =
   $_SESSION['user'] =3D $user;



style=3D'font-size:10.0pt;
font-family:Arial'>         =
   session_register('password');



style=3D'font-size:10.0pt;
font-family:Arial'>         =
   $_SESSION['pass'] =3D $pass;



style=3D'font-size:10.0pt;
font-family:Arial'>         =
   header =
("Location:admin_page.php");



style=3D'font-size:10.0pt;
font-family:Arial'>         =
   }



style=3D'font-size:10.0pt;
font-family:Arial'>         =
   else {



style=3D'font-size:10.0pt;
font-family:Arial'>         =
   print "You are not logged in You entered
the wrong username and password combination please try =
again";



style=3D'font-size:10.0pt;
font-family:Arial'>         =
   include "admin.php";



style=3D'font-size:10.0pt;
font-family:Arial'>         =
   }



style=3D'font-size:10.0pt;
font-family:Arial'>?> and when I run the check it wont =
login



style=3D'font-size:10.0pt;
font-family:Arial'> 



style=3D'font-size:10.0pt;
font-family:Arial'>Frank R. Jr.



style=3D'font-size:
12.0pt'> 









------=_NextPart_000_0005_01C6698B.64E7EED0--

Re: MD5 encryption problems

am 27.04.2006 10:25:40 von richard.a.fletcher

I assume the form has attribute method="post" and not method="get"
other than that I would say that it should work assuming you give the
correct password. You do realise that you have made the passwords case
sensitive I assume. Perhaps the conversion from non-md5'd passwords to
md5 passwords went wrong?

Also, put a die() after header, in case it ever goes wrong, and you put
more code at the bottom of the page.

Re: MD5 encryption problems

am 27.04.2006 23:51:01 von Frank R

Well what happens is it doesn't really show any errors it just goes
straight to the username is invalid and the info is 100% correct.
Frank R. Jr.

-----Original Message-----
From: richard.a.fletcher@googlemail.com
[mailto:richard.a.fletcher@googlemail.com]
Posted At: Thursday, April 27, 2006 3:26 AM
Posted To: alt.php.sql
Conversation: MD5 encryption problems
Subject: Re: MD5 encryption problems

I assume the form has attribute method="post" and not method="get"
other than that I would say that it should work assuming you give the
correct password. You do realise that you have made the passwords case
sensitive I assume. Perhaps the conversion from non-md5'd passwords to
md5 passwords went wrong?

Also, put a die() after header, in case it ever goes wrong, and you put
more code at the bottom of the page.