i encrypt password with Md5 method. now to change update page i add value to password field! if user not changed password send password with md5 to mysql database and this false ( double md5 password )

Example :

//change Name lastname country ......... more
<input name="pwd" value="<?PHP echo $row["pwd"]; ?>" /> //password value is MD5 . This Value for Not Empty field.

now if User type new password worked and update mysql with new Md5 password ! but if user not changed this form send

<?PHP echo $row["pwd"]; ?>

and update code( update.php ) encrypted this password so double encrypted .

Thanks For Any Help.

    MD5 hash of the password is meant to be reading purposes only. Just dont print the hash to the form and leave it empty. If user didnt put anything to the password field, dont update the password. If user put something in the password input, then encrypt and save that to the database.

      Write a Reply...