|
Posted by Erwin Moller on 03/26/07 11:59
sathyashrayan wrote:
> Dear group,
>
> For a log-in page I have created a mysql db and user registers
> with a user name and password. The password field is encrypted with
>
> $passwd = sha1($_REQUEST['passwd']);
>
> I insert the $passwd in mysql_insert. The password gets
> encrypted and stored in mysql. Now I want to check if the user has
> entered the correct password when he logs in. How can I do that. Any
> help is appreciated. Thanks in advance.
How?
Compare them of course.
The fact that the password is encrypted doesn't make it something else than
a string of bits.
So:
supose you have a table with userid and sha1_passwd:
$passwd = sha1($_REQUEST['passwd']);
$SQL = "SELECT userid FROM tblusers where (sha1_passwd = '".$passwd."');";
Execute it and see if it has a result. If not, no good password, if so, you
have the userid.
Regards,
Erwin Moller
[Back to original message]
|