How to insert and select into/fr database in sha1, md5 format?

Discussion in 'PHP' started by Hannaspice, Apr 21, 2016.

  1. #1
    Hi there,
    I have a very simple question : how to insert the password using sha1(md5) format into db and how to select it fr data.

    registration.php:
    
    $email=$_POST['email'];
    $password=$_POST['password'];
    
    "INSERT INTO `users` VALUES ('$email', $password)";
    Code (markup):
    login.php:

    
    $email=$_POST['email'];
    $password  = $_POST['password'];
    
    "SELECT * FROM `users` WHERE `email`='" . $email . "' AND `password`='" . $password . "';
    Code (markup):
    Thanks for help,
    Hanna
     
    Last edited: Apr 21, 2016
    Hannaspice, Apr 21, 2016 IP
  2. fisasti

    fisasti Active Member

    Messages:
    42
    Likes Received:
    5
    Best Answers:
    2
    Trophy Points:
    58
    #2
    Hi there! It's really simple. You can use the md5 php function. Here is the code:

    registration.php
    $email=$_POST['email'];
    $password=md5($_POST['password']);
    
    $sql = "INSERT INTO `users` VALUES ('$email', $password)";
    mysql_query($sql);
    Code (markup):
    login.php
    $email=$_POST['email'];
    $password = md5($_POST['password']);
    
    $sql = "SELECT * FROM `users` WHERE `email`='" . $email . "' AND `password`='" . $password . "';
    Code (markup):
    Good luck!
     
    fisasti, Apr 21, 2016 IP
  3. JeffH {wx}

    JeffH {wx} Greenhorn

    Messages:
    23
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    8
    #3
    You should be escaping the email value for security reasons.

    
    $email=mysql_real_escape_string($_POST['email']);
    $password=md5($_POST['password']);
    
    $sql = "INSERT INTO `users` VALUES ('$email', $password)";
    mysql_query($sql);
    
    Code (markup):
    
    $email = mysql_real_escape_string($_POST['email']);
    $password = md5($_POST['password']);
    
    $sql = "SELECT * FROM `users` WHERE `email`='" . $email . "' AND `password`='" . $password . "';
    
    Code (markup):
     
    JeffH {wx}, Apr 21, 2016 IP
    ThePHPMaster likes this.
  4. PoPSiCLe

    PoPSiCLe Illustrious Member

    Messages:
    4,623
    Likes Received:
    725
    Best Answers:
    152
    Trophy Points:
    470
    #4
    Or, rather, get with the program, and stop using a deprecated SQL-handler. Use mysqli_ or PDO, and stop using MD5 while you're at it - it doesn't provide anything useful at all. Also, why would you _pull_ the password from the database - just match it and if it matches, pull a username, or ID or something.
     
    PoPSiCLe, Apr 22, 2016 IP
  5. Hannaspice

    Hannaspice Active Member

    Messages:
    77
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    91
    #5
    Thank you all. It is okay.
     
    Hannaspice, Apr 22, 2016 IP