Reputation: 11
I need help encrypting the passwords that are passed to my demo registration form.
This is my execute.php, which is the form action:
<?php
session_start();
include('db.php');

// Escape user input before it is placed in the SQL strings below.
$username = mysqli_real_escape_string($db, $_POST['username']);
$result = mysqli_query($db, "SELECT * FROM member WHERE username='$username'");
$num_rows = mysqli_num_rows($result);
if ($num_rows) {
    // Username already exists.
    header("location: register.php?remarks=failed");
    exit;
} else {
    $date = date("Y-m-d");
    $fullname = mysqli_real_escape_string($db, $_POST['fullname']);
    // The password is stored exactly as submitted (plain text).
    $password = mysqli_real_escape_string($db, $_POST['password']);
    mysqli_query($db, "INSERT INTO member(date, fullname, username, password) VALUES('$date', '$fullname', '$username', '$password')");
    header("location: register.php?remarks=success");
    exit;
}
?>
And this is my registercheck.php include:
<?php
session_start();
include("db.php");

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $username = mysqli_real_escape_string($db, $_POST['username']);
    $password = mysqli_real_escape_string($db, $_POST['password']);

    // Plain-text comparison: the submitted password is matched directly against the stored value.
    $sql = "SELECT mem_id FROM member WHERE username='$username' and password='$password'";
    $result = mysqli_query($db, $sql);
    $count = mysqli_num_rows($result);
    if ($count == 1) {
        $_SESSION['login_user'] = $username;
        header("location: profile");
        exit;
    }
    // No matching row: send the user back to the login page.
    header("location: index?remark_login=failed");
    exit;
}
?>
I don't know what to do, guys. Please help me. Any comment will be appreciated. Thanks very much.
Upvotes: 0
Views: 239
Reputation: 1716
You wouldn't. MD5 is not secure enough for a password. It's very fast and highly frowned upon.
Instead, you would opt to use password_hash and password_verify.
The man pages do a great job of explaining how to use them.
First you would store the contents of password_hash to your database (during registration).
$password=password_hash($_POST['password'], PASSWORD_DEFAULT);
To check if a password matches (for when you are performing a login check) you would first SELECT the password from the database and use password_verify:
if (password_verify($_POST['password'], $row['password'])) {
    // password matches
}
Upvotes: 3
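The registration and login flow described in the answer above, as an added example that is not part of the original post. It assumes PDO with an in-memory SQLite database as a stand-in for the page's MySQL `member` table so that it runs on its own; the function names `register` and `login` and the sample credentials are hypothetical.

```php
<?php
// Added example. In-memory SQLite via PDO stands in for the MySQL `member` table (assumption).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Hash length can grow when PASSWORD_DEFAULT changes; the PHP manual recommends a 255-character column.
$db->exec('CREATE TABLE member (mem_id INTEGER PRIMARY KEY,
    username VARCHAR(64) UNIQUE NOT NULL, password VARCHAR(255) NOT NULL)');

function register(PDO $db, string $username, string $password): bool
{
    // Hash the raw input: escaping or trimming it first would change the value being hashed.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    try {
        // Bound parameters replace string interpolation; the UNIQUE constraint rejects duplicates.
        $stmt = $db->prepare('INSERT INTO member (username, password) VALUES (?, ?)');
        return $stmt->execute([$username, $hash]);
    } catch (PDOException $e) {
        if ((string)$e->getCode() !== '23000') {
            throw $e; // not an integrity-constraint violation, so not a duplicate username
        }
        return false;
    }
}

function login(PDO $db, string $username, string $password): bool
{
    // Look up by username only: each hash carries its own salt, so it cannot be matched in SQL.
    $stmt = $db->prepare('SELECT mem_id, password FROM member WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password'])) {
        return false;
    }
    // Re-hash on successful login when the default algorithm or cost has changed.
    if (password_needs_rehash($row['password'], PASSWORD_DEFAULT)) {
        $upd = $db->prepare('UPDATE member SET password = ? WHERE mem_id = ?');
        $upd->execute([password_hash($password, PASSWORD_DEFAULT), $row['mem_id']]);
    }
    return true;
}

// Constructed sample data.
var_dump(register($db, 'alice', 'correct horse battery')); // new account
var_dump(register($db, 'alice', 'another password'));      // duplicate username
var_dump(login($db, 'alice', 'correct horse battery'));    // matching password
var_dump(login($db, 'alice', 'wrong password'));           // non-matching password
var_dump(login($db, 'nobody', 'anything'));                // unknown user
```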