Right now I am developing an application that will allow online registration. For development, the password check just checks a MySQL row to make sure the value matches the value in the input field.
This code checks to see that the row exists:
$res = mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' AND `password` = '".$password."'");
$num = mysql_num_rows($res);
//check if there was not a match
if($num == 0){
//if not display error message
echo "<center>The <b>Password</b> you supplied does not match the one for that username!</center>";
I'm confused about implementing a salt system. How would I alter this script to check for the encrypted password? I haven't found a great tutorial that explains this in detail.