System not identifying encrypted password

Asked

Viewed 96 times

-1

So I made a php system linked to my mysql where there is a table called authme and it has the login information, such as password, name and other things more when logging in the system not recognize the encrypted password, so if I get the password already the way it is in the databases it enters the system

Example registered password 12345 gets encrypted $SHA$50fdc0a77d1689bb$ff363f687bc07e7337bb37dfe994f2f90ac84b185e2b6846b588644325a81884

and only enter with the encrypted password

my code

<?php 


include("admin/bd/config.php");

if (isset($_POST['username']) && isset($_POST['password'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    $get = mysqli_query($con,"SELECT * FROM authme WHERE username = '$username' AND password = '$password'");
    $num = mysqli_num_rows($get);

    if ($num == 1) {
        while ($percorrer = mysqli_fetch_array($get)) {
            $adm = $percorrer['adm'];
            $username = $percorrer['username'];

            session_start();

            if ($adm == 1) {
                $_SESSION['adm'] = $username;
                echo '<script type="text/javascript">window.location = "admin/index.php"</script>';
            }else{
                $_SESSION['nor'] = $username;
                echo '<script type="text/javascript">window.location = "index.php"</script>';
            }


        }
    }else{
        echo "O email ou a senha está errado";
    }
}


?>
  • What encryption are you using there ?

  • I switched the system to SHA1, but I think I’m writing wrong in the code

3 answers

1

from what I understand your password at the bank is encrypted with sha1, if it is this, in your post missing password you convert the entry with the same encryption.

$password = sha1($_POST['password']);

you can also use other encryption alternatives like md5() or hash()

  • I do not know if the same thing more in the system ta SHA256

  • 1

    In this case then try sha256($string)!

  • If my answer satisfied the solution of your problem, mark as answer.

0

<?php 

include("admin/bd/config.php");

if (isset($_POST['username']) && isset($_POST['password'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];
    $get = mysqli_query($con,"SELECT * FROM authme WHERE username = '$username'");
    $num = mysqli_num_rows($get);

    if ($num == 1) {

        while ($percorrer = mysqli_fetch_assoc($get)) {

            if (password_verify ( $_POST['password'] , $percorrer['password'] )){

                $adm = $percorrer['adm'];
                $username = $percorrer['username'];
                session_start();
                if ($adm == 1) {
                    $_SESSION['adm'] = $username;
                    header("Location: admin/index.php");
                }else{
                    $_SESSION['nor'] = $username;
                    header("Location: index.php");
                }

            }

        }

    }


}

-1


<?php 
include("admin/bd/config.php");

$sql="SELECT * FROM authme WHERE username='".$_POST['username']."'";
$resulta = mysqli_query($con,$sql);

if (isset($_POST['username']) && isset($_POST['password'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];
    $get = mysqli_query($CnHUP,"SELECT * FROM authme WHERE username = '$username'");
    $num = mysqli_num_rows($get);

    if ($num == 1) {

        while ($percorrer = mysqli_fetch_assoc($get)) {

            if (password_verify ( $_POST['password'] , $percorrer['password'] )){

                $adm = $percorrer['adm'];
                $username = $percorrer['username'];
                session_start();
                if ($adm == 1) {
                    $_SESSION['adm'] = $username;
                    echo '<script type="text/javascript">window.location = "admin/index.php"</script>';
                }else{
                    $_SESSION['nor'] = $username;
                    echo '<script type="text/javascript">window.location = "index.php"</script>';
                }

            }

        }

    }


}
  • $password = sha1($_POST['password'])

  • Understand first of all, anything, that it does not help you to encrypt in Greek, and try to capture in German. you have to critogrify in Greek to read Greek, and German to read German. is like a person who communicates with another person, or you have a translator, or speaks in the other person’s language.

  • like I said I switched the system to SHA1, and I made this code but not that go

  • Come on, in your password field, inside the database, put this value: 8cb2237d0679ca88db6464eac60da96345513964 and in your form field, put; 12345 * BEFORE MAKE THE CHANGE IN WHAT I proposed in my reply.

  • Tell me the result,

  • gave nothing friend

  • i gave var dump and returned it 1a7b45ec4c0661b31f3e0cf2f2738d10

  • you put in the password field of your database this value ? 8cb2237d0679ca88db6464eac60da96345513964 and made the change I proposed? if (isset($_POST['username']) && isset($_POST['password'])) { $username = $_POST['username']; $password = sha1($_POST['password']);// ENCRYPT PASSWORD HERE

  • So you’re not doing what I asked.

  • you must be encrypting up to the code I sent. rs rs

  • $password='12345'; sha1 = 8cb2237d0679ca88db6464eac60da9634551396

  • You can call me to the shat?

  • $password = sha1($_POST['password'])'

  • Something wrong is not right.

  • We are reaching a consensus... rs

  • to help you with passwordhash, I need to know how you are generating the password,

  • $SHA$aadb6f5d4d0aa464$2d3630eb8b29d40c35cb563f0c8ba89740d8fe3c15d04af8211cc1fb7f1c7f1b = 12345m

  • I changed the legacyHashes to SHA1 and n will

Show 13 more comments

Browser other questions tagged

You are not signed in. Login or sign up in order to post.