I am having a problem with inserting a username and password in a login system using cyrillic characters.
The password is decoded as SHA1, when i create a user with cyrillic characters it doesn’t work for me!
Can you tell me if i need to insert something special in it?
code:
<?php
define(DOC_ROOT,dirname(__FILE__)); // To properly get the config.php file
$username = $_POST['username']; //Set UserName
$password = $_POST['password']; //Set Password
$msg ='';
if(isset($username, $password)) {
ob_start();
include(DOC_ROOT.'/config.php'); //Initiate the MySQL connection
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($username);
$mypassword = stripslashes($password);
$myusername = mysqli_real_escape_string($dbC, $myusername);
$mypassword = mysqli_real_escape_string($dbC, $mypassword);
$sql="SELECT * FROM login_subadmin WHERE user_name='$myusername' and user_pass=SHA1('$mypassword')";
$result=mysqli_query($dbC, $sql);
// Mysql_num_row is counting table row
$count=mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "admin.php"
session_register("myusername");
session_register("mypassword");
header("location:index.php");
}
else {
$msg = "Wrong Username or Password. Please retry";
header("location:login.php?msg=$msg");
}
ob_end_flush();
}
else {
header("location:login.php?msg=Please enter some username and password");
}
?>
Thanks!
Make sure to set your database and code + header to handle the page as UTF-8. It has to be the same charset all over the page. You could also use PHP’s hash function for SHA1.
Example code:
Remember that the hash might get different results when using mysqli_real_escape_string(); in the password hash. If you already hash:ed passwords, just escape the password before you hash it.