Hi there, I have a very simple question : how to insert the password using sha1(md5) format into db and how to select it fr data. registration.php: $email=$_POST['email']; $password=$_POST['password']; "INSERT INTO `users` VALUES ('$email', $password)"; Code (markup): login.php: $email=$_POST['email']; $password = $_POST['password']; "SELECT * FROM `users` WHERE `email`='" . $email . "' AND `password`='" . $password . "'; Code (markup): Thanks for help, Hanna
Hi there! It's really simple. You can use the md5 php function. Here is the code: registration.php $email=$_POST['email']; $password=md5($_POST['password']); $sql = "INSERT INTO `users` VALUES ('$email', $password)"; mysql_query($sql); Code (markup): login.php $email=$_POST['email']; $password = md5($_POST['password']); $sql = "SELECT * FROM `users` WHERE `email`='" . $email . "' AND `password`='" . $password . "'; Code (markup): Good luck!
You should be escaping the email value for security reasons. $email=mysql_real_escape_string($_POST['email']); $password=md5($_POST['password']); $sql = "INSERT INTO `users` VALUES ('$email', $password)"; mysql_query($sql); Code (markup): $email = mysql_real_escape_string($_POST['email']); $password = md5($_POST['password']); $sql = "SELECT * FROM `users` WHERE `email`='" . $email . "' AND `password`='" . $password . "'; Code (markup):
Or, rather, get with the program, and stop using a deprecated SQL-handler. Use mysqli_ or PDO, and stop using MD5 while you're at it - it doesn't provide anything useful at all. Also, why would you _pull_ the password from the database - just match it and if it matches, pull a username, or ID or something.