Shouldnt be..
Results 11 to 20 of 24
Thread: [PHP] Help please.
-
Coming and going...
Highers are getting the better of me
-
I know you'll understand but won't it be setting it as the first var which is the md5 hash of the password?PHP Code:
$password = clean($_POST["password"]); // getting the pass
$password2 = md5($password); // hashing the password
$password2 = sha1($password2); //hashing the md5 hashed pass with sha1..
$username = $_SESSION["panel_username"];
mysql_query("UPDATE `users` SET `password` = '$password2' // inserting the password as the md5 hashed pass?
-
13-01-2008, 04:51 PM #13RedCrisps Guest
i tried both and they don't work. hmmm.
the password just don't work with this
Originally Posted by MrCraig
Change..
ToPHP Code:mysql_query("UPDATE `users` SET `password` = '$password2' WHERE `username` = '{$_SESSION["panel_username"]}'");
That should workPHP Code:mysql_query("UPDATE `users` SET `password` = '$password2' WHERE `username` = '$_SESSION[EON_CNTPNL_USERNAME]'");
nothing happens it just stays the samme Originally Posted by MountainDew
how about removing the random letters thing?
-
Just try this.
Might do it I'm not sure.PHP Code:<?php
if(isset($_SESSION["EON_CNTPNL_USERNAME"]))
{ $check->login(); }
else{
session_start();
include("functions.php");
$check = new checklogin;
$check->login(); }
echo("
<b>Edit your password!</b><br/>
<br/>");
if($_GET["act"] == "update")
{
$password = clean($_POST["password"]);
$password1 = md5($password);
$password2 = sha1($password1);
mysql_query("UPDATE `users` SET `password` = '$password2' WHERE `username` = '{$_SESSION["panel_username"]}'");
echo("Password Updated");
exit;
}
else
{
$rand = generateRandStr(13);
echo("Please set a new password:<br/><form action=\"?page=editpass&act=update\" method=\"POST\"><input type=\"text\" name=\"password\" value=\"$rand\" class=\"formbox\"> <b><-- Suggested</b><br/><br/><input type=\"submit\" name=\"submit\" value=\"Change Password\"><br/><br/>
The suggested password was $rand<br/>(So you can copy and paste)</form>");
}
?>
But then again if the pass isn't changing it shouldn't be that... hmm.Last edited by Hitman; 13-01-2008 at 04:53 PM.
-
What is he doing is MD5ing the password, then adding SHA1 onto it..
-
13-01-2008, 04:57 PM #16RedCrisps Guest
Should i change the format of the password thing in phpmyadmin?
-
I know but he put the vars the same? Originally Posted by MountainDew
The var $password2 was MD5 hashing the var $password and then another var named $password2 was sha1 hashing the first $password2 var... then inserting the var $password2, which it'd pick up the first var wouldn't it?
-
13-01-2008, 05:01 PM #18RedCrisps Guest
http://mochafm.com/staff/index.php
username: test
password: testaccount
thats to test it if you want, so yeh.
-
No.. Originally Posted by Hitman
$password = clean($_POST["password"]);
$password2 = md5($password);
$password2 = sha1($password2);
$password = the post
$password2 = md5ing the $password
$password2 = sha1 $password2
So it would end up being this sha1(md5($_POST["password"]));
The way he is doing it is fine.. it picks up the correct variable..
-
I understand that, but what I'm saying he has $password2 twice. He then inserts the value of $password2 as the pass... which I'm sure it reads the first (correct me if I'm wrong I'm not the best coder as you know...) so it'd grab the first $password2 and insert? Or the second...? Originally Posted by MountainDew
Meh.
Correct me pls!
Reply With Quote
Members who have read this thread: 0
There are no members to list at the moment.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts