Same character set generating different hashs after conversion with MD5()

Asked

Viewed 86 times

1

Hello, I am creating a system that has a user registration area on the system. In the password part I use md5() to transform the characters into Hash.

Only I’m noticing the following, sometimes I insert a character set and the same character set is being stored and displayed with hashes (I don’t know if that’s the plural) different.

For example: The character set 505987.

In the database he gives me the following hash:

inserir a descrição da imagem aqui

Now if I give an echo of that field in my PHP gives the following output:

inserir a descrição da imagem aqui

I wonder if that’s normal ?

And I would also like to know if I were to perhaps make a comparison between these two data at some point, it could go wrong or would go well.

Can the same character set have different hashes ?

I’m sorry if I couldn’t be clear.

UPDATING: It seems that when I type in the form generates a right Hash than when I do a query in the database, I take this field that has the hash stored and stored in a variable and then display this variable.

  • 1

    Hash algorithms are applied to bits.. if you hash an integer or a string that represents this number, the results will be different because the representation of these values in bits is different. That said, the way strings are converted into bits depends on the encoding. It would be nice if you checked if the data type is the same. :)

2 answers

1

In this case use Trim() or str_replace() in single and double quotes.

An addendum, I noticed you are using MD5() as password

In the part of the password I use md5()

The correct thing in this case is to use a salt, add a control value to passwords so that the hash does not return the direct password, as there are several websites that use Rainbow Tables or Hash Tables that can break MD5 easily. Research the concept for best use.

1

A value must only map to a hash field, but a hash can point to multiple passwords. For example, the hash of a password like "vi7700" might equal a password hash like "d3f3q8", but a text only points to a hash.

In your case, the hash that is stored in the database is the correct one, so make sure that when creating a hash you are clearing the empty spaces, use the trim for that reason.

Running here on my machine the following code

<?php

 if(md5('505987') == 'b969d7036923881b0cb18539a7b15e7c'){
    echo "Elas são iguais";
 }

The result was as expected.

  • Hopefully Tim will fix it. I’ll try to do it tomorrow and give you feedback.

  • Trim wasn’t the problem, @Hyptalus. But I still appreciate the help.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.