
I am creating a login where registered users can log in with their email ID and password (using LAMPP).

I have one form where users register with their information, that is User Name, EmailID, password, etc.

Then, while inserting the data into the MySQL database, I am encrypting the password.

The code is:

```php
<?php
define("ENCRYPTION_KEY", "!@#$%^&*");

$finalarray = array();
$finalarray['UserName'] = $_POST["fname"];
$finalarray['EmailID'] = $_POST['email'];
$password = $_POST['pwd'];
$encrypted = encryptIt( $input );
$finalarray['Password'] = $encrypted;

function encryptIt( $q ) {
    $cryptKey = 'qJB0rGtIn5UB1xG03efyCp';
    $qEncoded = base64_encode( mcrypt_encrypt( MCRYPT_RIJNDAEL_256, md5( $cryptKey ), $q, MCRYPT_MODE_CBC, md5( md5( $cryptKey ) ) ) );
    return( $qEncoded );
}

/* code for insert into database */
?>
```

When a user logs in, the email ID and password are cross-checked against the database.

So for that I wrote a decrypt function to match the password, and if the email ID matches the password then the user will be logged in.

The code is:

```php
<?php
include 'ConnectionDatabase.php'; // database connection
define("ENCRYPTION_KEY", "!@#$%^&*");
ob_start();
session_start();

$username = $_POST['email'];
$password = $_POST['password'];
$connection = connection(); // connected
$username = mysql_real_escape_string($username);
$query = "SELECT EmailID,Password FROM User WHERE EmailID = ".'$username';
$result = mysql_query($query);

if (mysql_num_rows($result) == 0) // User not found. So, redirect to login_form again.
{
    echo "Not Valid User";
    header('Location: login.html');
}

$row = mysql_fetch_array($result);
$encryptpassword = $row[1];
echo $encryptpassword."<br>";
$decrypted = decryptIt($encryptpassword);
echo $decrypted; // no value is coming

if ($password != $decrypted) // Incorrect password. So, redirect to login_form again.
{
    header('Location: login_fb.php');
} else {
    // Redirect to home page after successful login.
    echo "login";
    session_regenerate_id();
    $_SESSION['sess_user_id'] = $userData['id'];
    $_SESSION['sess_username'] = $userData['username'];
    session_write_close();
    //header('Location: creatememorial.php');
}

function decryptIt( $q ) {
    $cryptKey = 'qJB0rGtIn5UB1xG03efyCp';
    $qDecoded = rtrim( mcrypt_decrypt( MCRYPT_RIJNDAEL_256, md5( $cryptKey ), base64_decode( $q ), MCRYPT_MODE_CBC, md5( md5( $cryptKey ) ) ), "\0");
    return( $qDecoded );
}
?>
```

echo $decrypted; is not printing anything.

I referred to this link; when I did this in one program it works.

When I am using these two PHP files it's not working.

I don't know what the problem is.

Can anyone help me with this?

1 Answer


You're going a very long way round this.

Just encrypt the user's password and use the encrypted password in the database query.

Example:

```php
$username = $_POST['email'];
$password = $_POST['password'];
$connection = connection();
$username = mysql_real_escape_string($username);
$password = encryptIt(mysql_real_escape_string($_POST['password']));
$query = "SELECT EmailID,Password FROM User WHERE EmailID = '".$username."' AND Password = '".$password."'";
```

If it returns a row - there is a user with that email, and that password.

As a side note; it's no longer recommended to use mysql_* functions - you should switch to the mysqli_* library, or even better, use prepared statements.

Also - you use MD5 which generates a hash, you cannot decrypt a hash - it's a one way conversion.


3 Comments

Thanks for the reply, but when I am inserting the password in the database it encrypts to fcygGLqlfhk6J7w7XuMGWgpQOJWizlAUFi2Yt5/Q68xM= and at login the same password is zPr2eL6eOtJXa91J9W+C/XG32j4bvk0lZ5AmcFS9vR4=. I am not getting what the problem is; please help me with this.
Yes, so if you encrypt the password entered by the user at login - it will match the string in the database if it is correct.
The password is the same, but it is giving a different value. What is the problem?
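
An added example, not part of the original question or answer: the password is stored as a one-way salted hash with PHP's `password_hash()` and checked with `password_verify()`, so nothing has to be decrypted at login, and the lookup goes through a PDO prepared statement. The in-memory SQLite database and the helper names `registerUser()` and `checkLogin()` are assumptions for illustration; the `User` table columns follow the question.

```php
<?php
// Added example (not from the original post): store a one-way password hash
// and verify it at login, using PDO prepared statements.
// Assumptions: in-memory SQLite stands in for the MySQL database; the helper
// names registerUser() and checkLogin() are hypothetical.

function registerUser(PDO $db, string $name, string $email, string $password): void
{
    // password_hash() generates a random salt and embeds it in the result,
    // so the stored string differs on every call even for the same password.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare(
        'INSERT INTO User (UserName, EmailID, Password) VALUES (?, ?, ?)'
    );
    $stmt->execute([$name, $email, $hash]);
}

function checkLogin(PDO $db, string $email, string $password): bool
{
    // Look the row up by e-mail only; a salted hash cannot be matched in SQL.
    $stmt = $db->prepare('SELECT Password FROM User WHERE EmailID = ?');
    $stmt->execute([$email]);
    $hash = $stmt->fetchColumn();
    if ($hash === false) {
        return false; // unknown e-mail
    }
    // password_verify() re-derives the hash using the salt stored inside
    // $hash and compares the result in constant time.
    return password_verify($password, $hash);
}

// Constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE User (UserName TEXT, EmailID TEXT UNIQUE, Password TEXT)');

registerUser($db, 'Alice', 'alice@example.com', 'correct horse battery');

var_dump(checkLogin($db, 'alice@example.com', 'correct horse battery'));
var_dump(checkLogin($db, 'alice@example.com', 'wrong password'));
var_dump(checkLogin($db, 'nobody@example.com', 'correct horse battery'));
```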
