Home/ Questions/Q 8414681
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T01:13:40+00:00

I have the registration system on my website set up to where when the

  • 0

I have the registration system on my website set up to where when the user signs up the password is an md5’d mixture of the email and password that they signed up with. Unfortunately, I can’t get it to work properly. Here’s the code:

On Signup:

$user = strip_tags(substr($_POST['email'],0,32));
$pass = strip_tags(substr($_POST['password'],0,32));
$cleanPass = crypt(md5($pass),md5($user));
$date = time();

$stmt = $db->prepare("INSERT INTO users (password, email, first, last, date)
        VALUES(:password, :email, :first, :last, :date)");

On Sign in: 

$email = $_POST['email'];
$user = strip_tags(substr($_POST['email'],0,32));
$pass = strip_tags(substr($_POST['password'],0,32));        

$cleanPass = crypt(md5($pass),md5($user));

$stmt = $db->prepare("SELECT email,password FROM users WHERE email=:email AND password=:password limit 1");
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If you want to use a combo of user/pass when storing the data, what you might wanna conisder is the length of the crypting mechanism. Normally when you do that you don’t crypt the 2 md5’s of the user&pass, but instead you do something like

    $cleanPass = md5( $user.$pass );

    If you also want to store the user, you shouldn’t md5 that. If you want to store the pass, md5 it.

    Does this help ?

    • 0