Md5

SP8600

Can some one tell me how i should write these two out please, it is used for changing a users password in a MySQL database.

$sql = "UPDATE users SET username='$username',password='" . md5($password) . "',name='$name',email='$email',type='$type' WHERE ID='$id'";

<INPUT NAME=\"password\" TYPE=\"text\" value=\"".$row["md5($password)"] ."\">

djroki

You are encrypting the pasword too many times, using md5 AND MySQL's built-in encryption methods.

These are one-way encryption methods, meaning that you CAN'T (or at least it's bloody difficult 😉 ) to get a password from it after it has been encrypted.

This is the way I do it, but bear in mind that you WON'T ever be able to tell a user their password, or allow them to view it on a webpage. If they forget the pass, they should answer a security question and then have the ability to overwrite their old pass with a new one:

and then:

$password = md5($pass);

$sql = "UPDATE_users_SET_username='$username', password='$password' WHERE id='$id'";

When you validate a password during login, simply do the encryption ONCE on their password, then compare the two 32 character encrypted strings. If they match, the password is correct and you can log them in.

I hope this is clear. Good Luck!