Welcome Guest, Not a member yet? Register   Sign In
Checking a password with a salt and sha1 hash.
#1

[eluser]Unknown[/eluser]
Code:
function login($user, $password)
{
   $this -> db -> select('*');
   $this -> db -> from('tableName');
   $this -> db -> where('user', $user);
   $this -> db -> where('password', sha1($this->salt.$password));
   $this -> db -> limit(1);

   $query = $this -> db -> get();

   if($query -> num_rows() == 1)
   {
     return $query->result();
   }
   else
   {
     return false;
   }
}


This doesn't work. The password returns as invalid the entire time, or it just doesn't log me in. What am i doing wrong? The salt is stored in the database and i need to retrieve it, add it to the user provided password and then hash it. Please dont lecture on the hashing types, i am fully aware and unfortunately changing from sha to md5 is not an option.
#2

[eluser]kamikaz[/eluser]
I suggest you to read about HASH_MAC.


Although, your function looks correct. But are you sure you did the same manipulation when you store the password into the database?




Theme © iAndrew 2016 - Forum software by © MyBB