I am trying to use md5 and salt the password so for example the account name and stackoverflow md5 and salted looks like
OÜ ª€ÉظÖÙõà;~\ when it is done correctly, but I am getting what looks to be just the md5, its like its not salting the account name and password. So when I do the md5 hash of the account name and jade it looks like 0xea606b4cae6ae9a68a5da45d57c3309d but what I'm really looking for is
ê`kL®j馊]¤]WÃ0
I couldn't close that in backticks as it has one after the e.
Here is a snippet of the code I am using for an example.
$new = isset($_POST['new']) ? $_POST['new'] : '';
$old = isset($_POST['old']) ? $_POST['old'] : '';
$con = isset($_POST['con']) ? $_POST['con'] : '';
$this->view->usr = mysql_real_escape_string(StrToLower(Trim($this->view->usr)));
$new = mysql_real_escape_string(StrToLower(Trim($new)));
$Salt = $this->view->name.$new;
$Salt = md5($Salt);
$Salt = "0x".$Salt; //Salts the password in md5.
//$this->view->salt = $this->view->name.$new;
//$this->view->salt = md5($this->view->salt);
//$this->view->salt = "0x".$this->view->salt; //Salts the password in md5.
$this->view->msg = "";
$this->view->err = false;
if($old != $this->view->pss){
$this->view->msg = "Old Password is Incorrect";
}elseif($new == ""){
$this->view->msg = "New Password is Empty";
}elseif($con != $new){
$this->view->msg = "Please Confirm Password Correctly";
}else{
$arr = array(":idnumber" => $new, ":passwd" => $Salt);
$this->database->DBSet($arr,'users',$whr = 'WHERE ID = '.$this->view->usr);
$this->view->msg = "Password is Successfully Changed";
$this->view->err = true;
}
I do have a script that works and returns what i am looking for, but it uses the following procedure from the database so i have to do call changepasswd('$Login', $Salt)
BEGIN
START TRANSACTION;
UPDATE users SET passwd = passwd1 WHERE name = name1;
COMMIT;
END
I did notice that $Salt is outside of 'single quotes', is there a way to do that with the following snippet?
$arr = array(":idnumber" => $new, ":passwd" => $Salt);
I thought I would beable to do the same thing with this PDO Update function
// Update
function DBSet($arr,$tbl,$whr = ''){
$stmt = array();
foreach($arr as $fld => $val){
$stmt[] = str_replace(":","",$fld)." = ".$fld;
}
$stm = implode(",",$stmt);
$sql = self::UPDATE.$tbl." SET ".$stm.' '.$whr;
$sth = $this->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
$sth->execute($arr);
}
So, you want to hash a string and it would produce êkL®j馊]¤]WÃ0?
MD5 couldn't do that, it always return 32 characters..
Use another encrypt algorithm to produce cipher string like that.