0

I have this set of codes

$user = htmlentities($_POST['user']);
$pass = htmlentities($_POST['pass']);

function sha512($str) { return hash("sha512", $str); }
$pass = sha512($pass);

$tzlogin = sprintf("SELECT * FROM users WHERE user='%s' AND pass='%s'",
mysql_real_escape_string($user), mysql_real_escape_string($pass));

$tzlogged = mysql_query($tzlogin, $config) or die(mysql_error());

if (mysql_num_rows($tzlogged) == 0){
    header (sprintf("Location: ./login.php?status=error"));
} else {
    if (isset($_POST['tz-remember'])){
        $query = mysql_query("SELECT uid FROM users WHERE user='".$user."'", $config);
        $id = mysql_fetch_row($query);
        foreach($id as $uid){
            setcookie('uid', $uid, time() + 60*60*24*30*11, '/', '.localhost');
        }
        header (sprintf("Location: ./index.php"));
    } else {
        $query = mysql_query("SELECT uid FROM users WHERE user='".$user."'", $config);
        $id = mysql_fetch_row($query);
        foreach($id as $uid){
            $_SESSION['uid'] = $uid;
        }
        header (sprintf("Location: ./index.php"));
    }
}

its all correct i think because earlier i was able to login properly but suddenly i am not i encrypted the password into a hash format while registration and while logging in i again first encrypted it then selected and when i looked carefully the inserted data in the database is missing some lines while the data entered is a bit longer like i enter a password test now the inserted data is

"ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732"

while the posted data is

"ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff" why is that so?

Improve this question

3 Answers 3

Reset to default
2

SHA-512 generates a 512-bit hash value, which can be represented in CHAR(128).

you can see other types of sha in here: What data type to use for hashed password field and what length?

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Your database field is set to 100 characters. Increase the length to 128.

Improve this answer

Comments

0

Looks like the password field in the database is too short.

Please post the result of SHOW CREATE TABLE users.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.