Reputation: 15925
passwords from html to php then mysql
I have a registration page which has the following password entry control:
<input type="password" />
What is the best way to send this password to the server and then save it into a database for later comparison when login in?
Upvotes: 1
Views: 120
Answers (3)
Reputation: 2292
As @Elzo suggested, HTTPS must be used when passwords and privacy data are involved. HTTPS is useful for network data transmissions. Now, about password storange security... the password must be saved using oneway hashing algorithm like md5 (you can use the md5() function in php). Don't store clean passwords in the db. Then, when the user will log in, the server side script will receive the password and it will check the corrispondence between the md5("userpasswordinput") sended by user through the html form and the value stored in the db table (previosly encoded as md5).
Upvotes: 0
Reputation: 27866
The best way is to use HTTPS. HTTPS protects traffic from client to server and was designed specifically for this. You dont need to encode anything at this level. @Adrian link post is about storage of the passwords in a database and you will get there useful info. Just remember not to save the passwords directly, save either hashes either heavily encrypted versions.
Upvotes: 3
Related Questions
- Login Form: Submitting Password + Saving Password in Server
- MySQL password() function to PHP
- Looking to hash passwords entered from user input to mysql database
- Change password using php
- Password Protection Using PHP and MySQL
- Comparing MYSQL password vs HTML form password
- Password Protecting A Webpage
- mysql passwords Connecting to MySQL with PHP
- HTML PHP MYSQL Change Password
- PHP & MySQL Password Question