How to use sha256 in php5.3.0
I'm using sha256 to encrypt the password. I can save the sha256 encrypted password in mysql. But i can't login with the same clause.
Insert code:
<?php
error_reporting(E_ALL ^ E_NOTICE);
$username = $_POST['uusername'];
$passcode = $_POST['ppasscode'];
$userflag = $_POST['uuserflag'];
//$passcodeen = hash('sha256',$passcode);
$passcodeen = hash('sha256', (get_magic_quotes_gpc() ? stripslashes($ppasscode) : $ppasscode));
$conn = mysql_connect("localhost","charles","charles") or die("connection failed with DB:".mysql_error());
mysql_select_db("sessiondb");
$query = "INSERT INTO users(username,passcode,userflag) values('$username','$passcodeen','$userflag')";
Select code:
<?php
error_reporting(E_ALL ^ E_NOTICE);
@mysql_connect("localhost","charles","charles") or die("Connection failed".mysql_error());
@mysql_select_db("sessiondb") or die("Database doesn't exist".mysql_error());
//get user input
$username = $_POST['username'];
$ppasscode = $_POST['ppasscode'];
//$passcodeen = hash('sha256', $ppasscode);
$passcodeen = hash('sha256', (get_magic_quotes_gpc() ? stripslashes($ppasscode) : $ppasscode));
//get session value from mysql
$query = @mysql_query("select username, userflag from users where username ='$username' and passcode = '$passcodeen'") or die("Query execution failed".mysql_error());
Is there something wrong? I'm very confused. Thanks.
Answer
Could this be a typo? (two Ps in ppasscode, intended?)
$_POST['ppasscode'];
I would make sure and do:
print_r($_POST);
and make sure the data is accurate there, and then echo out what it should look like:
echo hash('sha256', $_POST['ppasscode']);
Compare this output to what you have in the database (manually). By doing this you're exploring your possible points of failure:
- Getting password from form
- hashing the password
- stored password
- comparison of the two.