I’m trying to get my login script to work. It uses random salt & md5. At present just typing a valid username and pressing submit without a password authenticates the user. (I know md5 isn’t safe, will be moving to bcrypt later but need to get this working first)
Just can’t see the error – any help much appreciated.
if(!empty($_POST)) {
    $user = isset($_POST['username']) ? $G['db']->escape($_POST['username']) : "";
    $pass = isset($_POST['password']) ? md5($G['db']->escape($_POST['password'])) : "";
    $account = $G['db']->queryUniqueValue("SELECT username,salt,password,uid FROM `".$C['db']['table']."` WHERE `username` = '$user'");
    //User exists
    if($G['db']->numRows()==1) {
        //If the password is right
        if(md5($account['salt'].":".md5($pass))) {
            //Validate the user
            $G['login']->validateUser(array("username"=>$account['username'], "id"=>$account['uid'], "utype"=>$account['utype']));
            //User Validated redirect them
            header("Location: ./?e=validpage");
        } else {
Well… This creates an MD5 hash of the salt in the database and the entered password. And compares it to…
true. And any non-empty string is true. So this condition reads if the entered password together with the salt hashes to any non-empty string (which it will every time), let the user in. You probably meant to do something like:
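The always-true condition discussed above, next to a version that compares the recomputed hash with the stored one, as an added example that is not part of the original thread. The sample row, the helper names `check_broken` and `check_fixed`, and the assumption that the stored hash was built as md5(salt:md5(md5(password))) are constructed for illustration; the last lines show the bcrypt replacement the poster mentions.

```php
<?php
// Constructed sample row standing in for the database record (not real data).
$realPassword = 'correct horse';
$salt = 'f3a1c9';
// Assumption: the stored hash was created the same way the login code rebuilds it.
$account = [
    'salt'     => $salt,
    'password' => md5($salt . ':' . md5(md5($realPassword))),
];

// Condition as posted: md5() always returns a 32-character string,
// which PHP treats as true, so every submitted password passes.
function check_broken(array $account, string $submitted): bool
{
    $pass = md5($submitted);
    if (md5($account['salt'] . ':' . md5($pass))) {
        return true;
    }
    return false;
}

// Corrected condition: recompute the hash and compare it with the stored value.
function check_fixed(array $account, string $submitted): bool
{
    $pass = md5($submitted);
    $candidate = md5($account['salt'] . ':' . md5($pass));
    // hash_equals() compares in constant time (known value first).
    return hash_equals($account['password'], $candidate);
}

// Empty, wrong and correct passwords through both checks.
foreach (['', 'wrong guess', $realPassword] as $attempt) {
    printf(
        "%-16s broken=%-5s fixed=%s\n",
        var_export($attempt, true),
        var_export(check_broken($account, $attempt), true),
        var_export(check_fixed($account, $attempt), true)
    );
}

// bcrypt via PHP's password API: the salt is generated and embedded in the
// hash, and password_verify() performs the comparison itself.
$stored = password_hash($realPassword, PASSWORD_BCRYPT);
var_dump(password_verify('', $stored));
var_dump(password_verify($realPassword, $stored));
```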