i have made my own login authentication script into php, it's working fine when i use it without using "sh1"... and successfully uploaded username and password into my database, but i want to encrypt password into database due to security reason, now i'm using $hash_key=sha1($_POST['password']); into script, when i check into database it successfully encrypted see my pic..
But as i logged in, it's giving me an error
So, i decided to remove "sh1" and directly save my password into database once to check..
and it's working fine:
But using sha1 it's working and showing an error message invalid username and password..
Please help, what's wrong into my code??
Here is a code for insert.php
<?php
$con=mysqli_connect("localhost","root","Bhawanku","members");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$hash_key=sha1($_POST['password']);
$sql="INSERT INTO admin
VALUES
('', '$_POST[username]','$hash_key')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "1 record added";
mysqli_close($con);
?>
and here is a code for login.php
<?php
include("config.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from Form
$myusername=addslashes($_POST['username']);
$mypassword=addslashes($_POST['password']);
$sql="SELECT * FROM admin WHERE username='$myusername' AND passcode='.sha1[$mypassword]' ";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
$active=$row['active'];
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
$_SESSION["myusername"];
$_SESSION['login_user']=$myusername;
header("location: welcome.php");
}
else
{
echo "Your Login Name or Password is invalid";
}
}
?>
<form action="" method="post">
<label>UserName :</label>
<input type="text" name="username"/><br />
<label>Password :</label>
<input type="password" name="password"/><br/>
<input type="submit" value=" Submit "/><br />
</form>
