473,387 Members | 1,876 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > could i ask how to encrypt a password when it submits to the database?

Join Bytes to post your question to a community of 473,387 software developers and data experts.

could i ask how to encrypt a password when it submits to the database?

Paul NIcolai Sunga
.i need your help guys,. thanks, i just want to know how to encrypt the password that have been submit to the database.

/* $lik refers to the database linked, i assumed that the database has been connected */

Expand|Select|Wrap|Line Numbers
  1. <?Php
  2.  
  3. $uname = $_POST['unametxtbox'];
  4. $pwd = $_POST['pwdtxtbox'];
  5.  
  6. $query = mysqli_query($link, "Insert into user_tbl(username, password) values('$uname', '$pwd');
  7.  
  8. ?>

where should i put the crypt object here in my codes?

thanks,
Oct 5 '08 #1
3 1297
Markus
6,050 Expert 4TB
Hey, Paul.

First things first, you've been on the forums for long enough to know that when you submit code you wrap it with [code] tags. Remember this or there shall be further action taken.

Second, when you insert data into a database, you should always assume it's corrupt data, ie. always escape the data to clear out any possibilities of mysql_injection. Please read the tutorial on this; it will show you how to escape your POST values (and GET).

Now onto your question.

I would crypt() the data as you're inserting it. This way, the original is left readable and you can use it for other stuff.

Expand|Select|Wrap|Line Numbers
  1. <?Php
  2.  
  3. $uname = $_POST['unametxtbox']; // ESCAPE THESE!
  4. $pwd = $_POST['pwdtxtbox']; // ESCAPE THESE!
  5.  
  6. $query = mysqli_query($link, "Insert into user_tbl(username, password) values('$uname', 'crypt($pwd)');
  7.  
  8. ?>
Oct 5 '08 #2
bnashenas1984
258 100+
The most common commands programmers use on PHP to store users passwords on database is MD5 and SHA1.
I usualy use MD5 , It changes the password to a 32 bit code which is not reversable BUT after discussing with one of the moderators of this forum (Atli) I realized that SHA1 is safer to use.

What you can do is that you use MD5 or SHA1 before you put the password in your database like this :

Expand|Select|Wrap|Line Numbers
  1. MD5($password);
  2.  
  3. // OR
  4.  
  5. SHA1($password);
  6.  
And next time the user enters password you use these functions again before comparing the users input with your database.

Note : The result of these two functions are not the same

Hope this helps you
Oct 5 '08 #3
The most common commands programmers use on PHP to store users passwords on database is MD5 and SHA1.
I usualy use MD5 , It changes the password to a 32 bit code which is not reversable BUT after discussing with one of the moderators of this forum (Atli) I realized that SHA1 is safer to use.

What you can do is that you use MD5 or SHA1 before you put the password in your database like this :

Expand|Select|Wrap|Line Numbers
  1. MD5($password);
  2.  
  3. // OR
  4.  
  5. SHA1($password);
  6.  
And next time the user enters password you use these functions again before comparing the users input with your database.

Note : The result of these two functions are not the same

Hope this helps you









thankz very much indeed!!!






regards,




paul nicolai sunga
Oct 11 '08 #4

Sign in to post your reply or Sign up for a free account.

Similar topics

1
how to encrypt with a string as input,but not a key object
by: wqhdebian | last post by:
As far as I know,when encrypt or decrypt ,a key must first be got,and the key is first generate by a tool or from SecurityRandom,that means I can not generate the same key with the same input.Does...
Java
0
encrypt() problem
by: Alan Murrell | last post by:
Hello, I am setting up a Postfix + MySQL + Courier-IMAP system. I am trying to write a shell script which will insert the values into the database. For the password encryption, I wish to use...
MySQL Database
1
ERR: "the XML Schema could not be interpreted from this object"
by: Gidrazas | last post by:
Hello I'm trying to generate DataSet from Sybase ASA 9 database. I'll use it in Crystal Reports. But when i'm trying to drag table from Server Explorer as written in...
.NET Framework
3
How can I encrypt the password stored in a database table ?
by: Alex Nitulescu | last post by:
Hi. I am writing an app which stores usernames/passwords and email addresses in a database table. The question is how can I encrypt the password provided by the user ? ...
ASP.NET
3
Encrypt sqlconnectionstring on XML files
by: Luis Esteban Valencia | last post by:
Hello I want to encrypt the sqlconenction string on the xml configuration files. The problem is the following I have an application at my company that accesses a sql server local database. ...
ASP.NET
2
encrypt password
by: Daniel | last post by:
Hi All, Does anyone know how to encrypt the password before store in the sql database? In addition, decrypt the password from database before comparison. The purpose to do it because to hide the...
ASP.NET
4
Encrypt ConnectionString in a *WINFORMS* App
by: google | last post by:
OK, I know how to encrypt and decrypt data, but here's the deal: I have a large Winforms .NET 2.0 application which is currently storing the connection string in the app.config file unencrypted...
.NET Framework
2
"Could not find installable ISAM"
by: orandov | last post by:
I am trying to connect to an Access 2000 database from VB.NET and I get this error "Could not find installable ISAM." I don't think there is anything wrong with my connection string. ...
Microsoft Access / VBA
2
How to secure a webservice - could some expert advise?
by: thomas | last post by:
Hi everybody, Here is the scenario: webservice and a windows client application. Requirements: 1. Only authenticated and authorized users shall be able to call web methods. 2. User names or...
.NET Framework
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!