Code to change the word to md5 encrypted form

Question

3.00/5 (1 vote)

See more:

PHP

i want to change my password to md5 encrypted form and then save to the database please provide the code.

Posted 8-Nov-11 15:57pm

sanjiv shah

Add a Solution

Comments

Sergey Alexandrovich Kryukov 8-Nov-11 22:36pm

Any specific preference for MD5? Not safe for storing passwords!
--SA

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sergey Alexandrovich Kryukov · Answer 1 · 2011-11-08T16:36:00

Solution 1

This is not encryption, but a cryptographic hash function, which is a very different thing. Yes, it can be good enough to store passwords. See http://en.wikipedia.org/wiki/Cryptographic_hash_function[^].

A word or warning: don't use MD5! This algorithm is considered broken, see http://en.wikipedia.org/wiki/MD5[^]. I would recommend to use the functions of the Secure Hash Algorithm ("SHA") family, see http://en.wikipedia.org/wiki/SHA2[^].

To use the cryptographic hash functions with PHP, see:
http://php.net/manual/en/function.hash.php[^].

—SA

Posted 8-Nov-11 16:36pm

Sergey Alexandrovich Kryukov

Comments

sanjiv shah 8-Nov-11 23:05pm

i have change my password field to md5 hash form in db, now i want to check the password with the password field of database.
i have taken the data from database
$result=mysql_query("SELECT * FROM `tbl_user` WHERE `user_name` = '$_POST[user_name]'");
$row = mysql_fetch_array($result);
if($row["password"]==$_POST["password"])// how to match in the password in this code
if(md5($row["password"])==$_POST["password"])//it did not work

Sergey Alexandrovich Kryukov 8-Nov-11 23:33pm

Why did you ignore my recommendation?
--SA

markkuk 10-Nov-11 17:57pm

Your code is a gaping security hole, not just because the use of vulnerable MD5 algorithm. The completely open possiblilty for SQL injection is even worse error.