PHP Login System with Admin Features

This forum was created to talk about the PHP Login System with admin features created by jpmaster77 on evolt's website


    Save password as the real one in MySql database

    Share
    avatar
    beatonline

    Number of posts : 1
    Registration date : 2011-09-25

    Save password as the real one in MySql database

    Post  beatonline on Sun Sep 25, 2011 8:21 pm

    Hello! I was wondering if there is anyway that the script could save all passwords as the real one, not as random id's in the mysql database?

    Grateful for any help Very Happy
    avatar
    Linchpin311

    Number of posts : 220
    Age : 32
    Localisation : Long Island
    Registration date : 2007-05-14

    Re: Save password as the real one in MySql database

    Post  Linchpin311 on Tue Sep 27, 2011 12:25 pm

    sure, but its not very safe and i dont know why you would want to do this.

    in any case, you could accomplish this by removing the md5() function from inside any database function that requires the password as an argument. for instance, start by opening session.php and find this line (should be around line 341 assuming you havent made any changes to the script):

    Code:
    if($database->addNewUser($subuser, md5($subpass), $subemail)){

    this line of code comes from the function register and gets called when the user has just submitted the registration form. if you were to remove the md5() function from $subpass the password would not be encrypted and saved as plain text in the database.

    of course to make this work correctly you would also have to remove the md5() function from all other database querys that require the password, as the functions are all expecting the encrypted string.


    _________________
    in the end, the universe tends to unfold as it should...

    Also note that it is your responsibility to die() if necessary.

      Current date/time is Tue Sep 19, 2017 9:19 am