Home/ Questions/Q 8755895
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-13T13:56:41+00:00

I’m currently making a validation process to check the old password of the user

  • 0

I’m currently making a validation process to check the old password of the user but problem is I can’t get it why my query returns zero rows where expected it to have 1 row. 1 more thing is that even I don’t convert my password text into md5 the hashed password still get the correct answer and I don’t know why it happens. here’s my code so far:

public function validate_oldpassword($username,$password)
    {
            $this->db->select('user_salt');
            $query = $this->db->get_where('login',array('username' => $username));

            if ($query->num_rows() == 1)
            {
               foreach ($query->result() as $row)
               {
                  $password2 = hash("sha256",$password.$row->user_salt);
                  $this->db->flush_cache();
                  $query = $this->db->get_where('login', array('username' => $username, 'password' => $password2));

                  //return $this->db->last_query();
                  return $query->num_rows();

                  if($query->num_rows()==1){
                    return "YEHEY";
                  }else{
                    return "NO";
                  }

               }
            } 

    }

I also checked the query and it returns the correct query which is:

SELECT * FROM (`login`) WHERE `username` = 'kahel' AND `password` = 'f91d20d381426ea56e57da9ab23d0c568b8f934c3ff313e1bbf6c28a4fee758a'

My password is test salt is XgvT7F~(CYr#*0E1^UI@xkqJ5GcAO8BHsotZpf+WQ!4&ja2y%NdelLmhPSnRw9)zDK63VMuib and stored password is f91d20d381426ea56e57da9ab23d0c568b8f934c3ff313e1bbf6c28a4fee758a

what bothers me the most is that in my login page function everything works just fine. Here’s my login code function:

public function get_login_credentials($username,$password)
    {
            $this->db->select('user_salt');
            $query = $this->db->get_where('login',array('username' => $username));

            if ($query->num_rows() == 1)
            {
               foreach ($query->result() as $row)
               {
                  $password = hash("sha256",md5($password).$row->user_salt);
                  $query = $this->db->get_where('login', array('username' => $username, 'password' => $password));
                  return $query->num_rows();
               }
            } 
    }

I can’t really figure it out why it returns zero rows.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    In the login function you are setting:

    $password = hash("sha256",md5($password).$row->user_salt);

    and in validate_oldpassword you are setting:

    $password2 = hash("sha256",$password.$row->user_salt);

    you aren’t doing the md5 hash on it

    • 0