0

Ok, so i have a log in and a register script. Today i put a md5() encoding mechanism on it so it encodes the password when it is sent to the database. Now, how do i encode all of the passwords that were already inside the database? if anybody could help i would be extremely appreciative

3
Contributors
7
Replies
8
Views
6 Years
Discussion Span
Last Post by diafol
0

Just run a query to update them:

UPDATE table SET password_column = MD5(password_column)

Don't forget to backup first, just in case...

Edited by pritaeas: n/a

0

it worked but now it wont let me or anybody else log in. Im using this script:

<?php
include'dbconnect.php';

$tbl_name="*******"; 

$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$cleanpass=md5($mypassword);

$myusername = stripslashes($myusername);
$cleanpass = stripslashes($cleanpass);
$myusername = mysql_real_escape_string($myusername);
$cleanpass = mysql_real_escape_string($cleanpass);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$cleanpass'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){
session_register("myusername");
session_register("mypassword");
header('location:memberspage.php');
}
else {
echo "Wrong Username or Password";
}
?>
0

echo out the query:

echo $sql;

This will stop any header(), but that's ok for now.

Check the screen output. Copy the output and paste into the SQL (or Query) box in your fave MySQL GUI (e.g. phpMyAdmin, Navicat, SQLyog, etc). See what happens.

//EDIT

Hold on! Silly question, but are md5-ing twice? Once with php and then again with SQL? If so, you'll not get a match.

Edited by diafol: n/a

0

I do not understand your question or what u want me to do with the echo

0

OK forget the duplicate md5, it wasn't working before pritaeas suggested the switch from php md5 to MySQL MD5. Anyway,

1. echo the query as I mentioned.
2. copy the output from the screen.
3. open phpmyadmin.
4. navigate to the 'SQL' pane.
5. paste the query from the clipboard to the pane.
6. press the 'go' button.
7. look at the results or any error message.

Attachments sql.png 61.49 KB
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.