Hi, today i am going to tell about how to validate the encrypted password using php md5() function most of the developers use md5() function to store security data and change into encrypted format if we follow this rules we can give more security to the user data, if we use encrypted format to store user password and later if the user forgot his password and request to forgot password in that time we can't tell his password because after convert the data into encrypted format we can't change to regular format and we have to regenerate a new user password and send to user.
Live Demo
Download Script
HTML
in html take the input box and put the type to password and take one button, take em tag to display the validation messages<div class="lessoncup"> <h1>Server Side Encrypted Password Validation</h1> <em></em> <input name="pass" type="password" id="pass" class="pass" placeholder="Ex: lessoncup"> <input name="submit" type="button" id="submit" class="submit" value="Check"> </div>
JAVASCRIPT
now write the click function to submit button as a selector, here we are going to validating the password box with few conditions , in the first condition we are checking the password box is empty or not, in else i just used ajax request to send the password value to password.php file and taking the request in success function<script type="text/javascript" src="jquery-1.10.2.min.js"></script> <script> $(document).ready(function(){ $('#submit').click(function(){ var pass = $('#pass').val(); var datasend = 'password='+pass; if(pass==""){ $('em').text("enter your password"); }else{ $.ajax({ type:'post', data:datasend, url:'password.php', cache:false, success:function(msg){ $('em').text(msg); } }); } }); }); </script>
PHP
in php file connect this file to database and keep the password value in mysql_real_escape_string($password) to give security from hackers and avoid stupid things, now in database the password was stored in encrypted format and we are getting password from input in normal text now we need to convert regular password text into hash by using md5() and store the password variable inside the function, i just write the query to match the password from users table<?php extract($_REQUEST); include("db.php"); $password=mysql_real_escape_string($password); $password=md5($password); $query=mysql_query("select * from users where pass='$password'"); if(mysql_num_rows($query)==0){ echo "password not matched"; }else{ echo "password matched"; } ?>
No comments :
Post a Comment