0

Hi guys,
can anyone help me with this script. i would like to update password into md5. what should i do
TQ

<?php

include("plogin.php");

session_start();
//Cek Login
if ($_SESSION['level']==user) {

        $namaLgkp = $_SESSION['username'];

?>
<?php
session_start();
include("config.php");
if($_REQUEST["Submit"]=="Ganti")
{
$sql="update tb_user set password ='$_REQUEST[pwbaru]' where username = '$_SESSION[username]'";
//echo $sql;
mysql_query($sql);
header("Location:passuser.php?msg=Update Password Berhasil");
}
?>


<html>
<head>
<title>Aplikasi Helpnet</title>
<!-- CSS -->
<link href="style/css/layout.css" rel="stylesheet" type="text/css" media="screen" />
<script>
function passwordck() {

var formName=document.frm;

if(formName.pwbaru.value == "")
{
document.getElementById("pwbaru_label").innerHTML='Please Enter New Password';
formName.pwbaru.focus();
return false;
}
else
{
document.getElementById("pwbaru_label").innerHTML='';
}


if(formName.pwbarulg.value == "")
{
document.getElementById("pwbarulg_label").innerHTML='Enter ConfirmPassword';
formName.pwbarulg.focus();
return false;
}
else
{
document.getElementById("pwbarulg_label").innerHTML='';
}


if(formName.pwbaru.value != formName.pwbarulg.value)
{
document.getElementById("pwbarulg_label").innerHTML='Passwords Missmatch';
formName.pwbarulg.focus()
return false;
}
else
{
document.getElementById("pwbarulg_label").innerHTML='';
}
}
</script>
<style type="text/css">
<!--
.style8 {font-size: 25px}
.style9 {color: #009900}
body {
    background-color: #E8FFE8;
}
-->
</style>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head>
<body>

    <div id="wrapper">

       <!-- Batas awal menu atas -->
        <ul id="menu">
            <li class="currentMenu" id="home"><a href="duser.php"><img src="style/img/logo_helpnet.png" alt="logo_helpnet" width="100" height="35" border="0"></a></li>
            <li><a href="duser.php">Beranda</a></li> 
            <li><a href="staticuser.php">Tiket</a></li>
            <li><a href="passuser.php">Password</a></li>
            <!-- untuk menu  utama yang sedang dipilih  -->
            <li class="logout"><a href="logout.php">Logout</a></li>
        </ul>
        <!-- Batas akhir menu atas -->

        <!-- Batas awal background layar -->
        <div id="backgroundlayar">

            <!-- Batas awal kertas -->
            <div id="kertas">
                <!-- Batas awal kotakkiri -->
                <div id="kotakkiri">

                    <!-- Batas awal menu kiri -->
                    <ul class="menukiri">
                        <li><a href="passuser.php"><strong>Password Baru </strong></a></li>   
                    </ul>
                    <!-- batas akhir menu kiri-->

                </div>    
                <!-- batas akhir kotaks kiri -->


                <h2><a href="#" class="style8">Ganti Password </a><a href="passuser.php" class="style9"></a></h2>

                <div id="utama">

                    <h3 align="center">Sebaiknya gantilah password Anda secara berkala </h3>
            <form action="passuser.php" method="post" name="frm" id="frm" onSubmit="return passwordck();">
<table>

<tr>
<td>Password Baru:</td>
<td><input type="password" name="pwbaru" id="pwbaru" size="20" autocomplete="off"/>&nbsp; <label id="pwbaru_label" class="level_msg"></td>
</tr>
<tr>
<td>Ketik ulang password baru:</td>
<td><input type="password" name="pwbarulg" id="pwbarulg" size="20" autocomplete="off">&nbsp; <label id="pwbarulg_label" class="level_msg"></td>
</tr>

<tr>
<td colspan="2" align="center"><input type="submit" name="Submit" value="Ganti" onSubmit="return passwordck();"/></td>
</tr>

</table>

</form>
                </div>
                <!-- batas akhir utama -->

                <div class="clear"></div>
            </div>
            <!-- batas akhir kertas -->

        </div>   
        <!-- batas akhir background layar -->

         <!-- Batas awal kaki -->
        <p id="kaki">Copyright &copy; 2014 Aplikasi Helpnet</p>
        <!-- batas akhir kaki -->

    </div>
    <!-- wrapper -->

</body>
</html>



<?php
}
    else {

    header('location: akses.php');
}
?>
3
Contributors
8
Replies
28
Views
2 Years
Discussion Span
Last Post by diafol
0

This is really difficult to follow. You've mashed up js, html and php. You may find it easier to separate these, e.g. Place all your js in a script tag at the bottom of the page and get rid of all those on_ attributes.

The php can be separated by reordering the conditional block for header to above the dtd.

There is some duplication - no need for session_start() to appear twice. Just place it at the top of the page.

You are using $_REQUEST for some reason, although your form method is 'post'. Are you expecting users to be able to use 'get' via the querystring too?

0

ohh..i see
this form is for user changing their password. it's work
but, the password is not in md5..

1

The password will be an md5 hash if you hash it:

$hash = md5($password);

or

$hash = hash("md5", $password);

However, do not use md5 if you can avoid it - it's not very secure. Look at sha256 or similar, or even use password_hash() if you have php 5.5.0+.

0

ooo.oke
than what can i do for secure it?

before, i'm really grateful for ur reply.

0

than what can i do for secure it?

Either use sha256 or similarly hard-to-crack algorithm:

$hash = hash("sha256", $password);

Or if you have php 5.5.0 or later, use the new password hash and verify functions. This is really nice as you can use something like BCRYPT algorithm and set the "cost" - the "time" if you like required to verify a supplied password.

Check out the php manual for hash(), password_hash() and password_verify().

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.