Logging in with sha1() encryption.

Posted by Samir Ghobril on Stack Overflow See other posts from Stack Overflow or by Samir Ghobril
Published on 2011-01-12T18:11:49Z Indexed on 2011/01/12 19:53 UTC
Read the original article Hit count: 140

Filed under:

php

|

sha1

Hey guys, I added this to my sign up code :

$password=mysql_real_escape_string(sha1($_POST['password']));

and now it inserts the password into the database while its encrypted. But signing in doesn't seem to work anymore. Here is the login code.

function checklogin($username, $password){
            global $mysqli;

        $password=sha1($password);
            $result = $mysqli->prepare("SELECT * FROM users WHERE username = ? and password=?");
            $result->bind_param("ss", $username, $password);
            $result->execute();

        if($result != false){

            $dbArray=$result->fetch();


            if(!$dbArray){
                echo '<p class="statusmsg">The username or password you entered is incorrect, or you haven\'t yet activated your account. Please try again.</p><br/><input class="submitButton" type="button" value="Retry" onClick="location.href='."'login.php'\">";
                return;
            }
            $_SESSION['username']=$username;

            if(isset($_POST['remember'])){
                setcookie("jmuser",$username,time()+60*60*24*356);  
                setcookie("jmpass",$password ,time()+60*60*24*356);
            }

        redirect();
        }

© Stack Overflow or respective owner

Related posts about php

Magento, NGINX, PHP-FPM, APC, MEMCACHED, 16gb Ram CentOS, Spiking PHP-FPM to 100% CPU

as seen on Server Fault - Search for 'Server Fault'
I have been trying to resolve my issue of spiking cpu caused by php-fpm processes. I've reduced the php-fpm config settings to: pm = ondemand pm.max_children = 12 pm.start_servers = 2 pm.min_spare_servers = 2 pm.max_spare_servers = 10 pm.max_requests = 500 php_admin_value[memory_limit] = 128M Problem… >>> More
PHP Pear Installation on CentOS

as seen on Server Fault - Search for 'Server Fault'
[root@ip ~]# yum install php-pear* Reducing CentOS-5 Testing to included packages only Finished Setting up Install Process Package 1:php-pear-1.8.1-2.el5.centos.noarch already installed and latest versio … >>> More
Apache configurations for php "AddType text/html php" or "AddType application/x-httpd-php php .php"

as seen on Server Fault - Search for 'Server Fault'
I am taking over an application server and discover that it contain the following settings: AddType text/html php Although it works, but my understanding is that it should set as following: AddType application/x-httpd-php php .php What are the key differences between the two settings?… >>> More
mod_rewrite settings causes server to throw HTTP 500 errors instead of 404

as seen on Server Fault - Search for 'Server Fault'
Hello. I have a server with VBulletin forum (working under Apache 2.2, CentOS). The default settings for it in .htaccess are as follows: RewriteEngine on RewriteCond %{HTTP_HOST} ^gsmforum\.ru RewriteRule (.*) http://www.gsmforum.ru/$1 [R=301,L] # If you are having problems or are using VirtualDocumentRoot… >>> More
Problems installing Memcache (PECL extension)

as seen on Server Fault - Search for 'Server Fault'
I have installed memcached fine, and now I will need to install PECL extension memcache. Im running RedHat x86_64 es5. The installation gives me this: downloading memcache-2.2.6.tgz ... Starting to download memcache-2.2.6.tgz (35,957 bytes) ..........done: 35,957 bytes 11 source files, building running:… >>> More

Related posts about sha1

PBKDF2-HMAC-SHA1

as seen on Stack Overflow - Search for 'Stack Overflow'
To generate a valid pairwise master key for a WPA2 network a router uses the PBKDF2-HMAC-SHA1 algorithm. I understand that the sha1 function is performed 4096 times to derive the PMK, however I have two questions about the process. Excuse the pseudo code. 1) How is the input to the first instance… >>> More
Is it possible to get identical SHA1 hash?

as seen on Stack Overflow - Search for 'Stack Overflow'
Given two different strings S1 and S2 (S1 != S2) is it possible that: SHA1(S1) == SHA1(S2) is True? If yes - with what probability? Is there a upper bound on the length of a string, for which probably of getting duplicates is 0? If not - why not? Thanks >>> More
Is it possible to convert a 40-character SHA1 hash to a 20-character SHA1 hash?

as seen on Stack Overflow - Search for 'Stack Overflow'
My problem is a bit hairy, and I may be asking the wrong questions, so please bear with me... I have a legacy MySQL database which stores the user passwords & salts for a membership system. Both of these values have been hashed using the Ruby framework - roughly like this: hashedsalt = … >>> More
Is there any difference between md5 and sha1 in this situation?

as seen on Stack Overflow - Search for 'Stack Overflow'
It is known that 1. if ( md5(a) == md5(b) ) 2. then ( md5(a.z) == md5(b.z) ) 3. but ( md5(z.a) != md5(z.b) ) where the dots concatenate the strings. What happens in the second row if we change all the md5 to sha1? So: 1. if ( sha1(c) == sha1(d) ) 2. then ( sha1(c.z)… >>> More
iPhone: convert string using HMAC-SHA1

as seen on Stack Overflow - Search for 'Stack Overflow'
hi all, i want to generate HMAC-SHA1 of NSString type variable. I see the post but this method give me error in CCHmac(kCCHmacAlgSHA256, cKey, strlen(cKey), cData, strlen(cData), cHMAC); and NSString *hash = [HMAC base64Encoding]; line. Please suggest how can I generate the HMAC-SHA1 of any string… >>> More