php validate user password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



These days SHA should really be used instead of MD5, and you should be SALTing the password as well.
Here's a great guide : http://phpsec.org/articles/2005/password-hashing.html

Michael Kubler
*G*rey *P*hoenix *P*roductions <http://www.greyphoenix.biz>



Jan G.B. wrote:
2009/2/9 Andrew Williams <andrew4williams@xxxxxxxxx>:
Can some body help out on how to validate user password from the database?

There are several possibilities. This would be one.
<?
$query = 'SELECT 1 from `usertable` where `name` = ' .
mysql_real_escape_string(STRIPPED_AND_TRIMMED_REQUEST_VAR_HERE)
      . ' AND `pass` = md5("' .
mysql_real_escape_string(STRIPPED_AND_TRIMMED_REQUEST_VAR_HERE) .
'");';
?>



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux