Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New to the CF scene
    Join Date
    Dec 2006
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    User Authentication

    User Authentication

    Hi all,

    Still new to php so I'll try and explain my problem.
    I'm trying to produce a User authentication page so a user can log in with a user name and password. I've worked out setting up the database and adding new users to the database. So now people can log into pages using there user_id and password which is checked on the MySQL database.
    The problem comes when a user forgets there password and I wanted to send it to the email that they used in the registration. I'm using md5(), so the database contains a 32-character hash, it is possible to transfer this back to plain text.

    Any help would be greatly apperciated. I'm usin fFlash for the front end but any help or tutorials would be fine.

    c.

  • #2
    eak
    eak is offline
    Regular Coder eak's Avatar
    Join Date
    Jun 2002
    Location
    Nashville, TN
    Posts
    354
    Thanks
    0
    Thanked 26 Times in 26 Posts
    you can not get the original text from a hash. you may want to look at encryption instead if you want to retrieve the original password.
    MySQL Docs: http://dev.mysql.com/doc/refman/5.0/...functions.html
    eak | "Doing a good deed is like wetting your pants; every one can see the results, but only you can feel the warmth."

  • #3
    Regular Coder
    Join Date
    Oct 2005
    Location
    Surrey, England
    Posts
    286
    Thanks
    2
    Thanked 2 Times in 2 Posts
    you cant un-encode md5

    how i would do it is i would send them a link in an email that went to a page which they could then enter a new password which would over-write the old password. Also add in a few sequrity features like the link in the email has a random 30 character string attached to it which in another table in a database knows that that spacific string is in relation to the users id. Then delete it when the new password is set etc etc...

    http://www.totallyphp.co.uk/code/sen...l_function.htm
    Daniel Warner
    - - - - - - - - - -
    GuitarMart.co.uk - Free Online Classified Advertisement for Guitarists in the United Kingdom. Free Ads with a Free Photo.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •