code for MD5 encryption example(Screenshot1)
 |
| Screenshot1 |
<?php $string = 'password'; $string_hash = md5($string); echo $string_hash; ?>
Output (Screenshot2)
 |
| Screenshot2 |
5f4dcc3b5aa765d61d8327deb882cf99 is the hash presentation of the string password. However much be refresh it will remain same. We called this one way encryption this $string_hash can not be un-encryption back no more text. We can only do that we can take a input and match to the encrypted data.
For example you had stored a password in database with encrypted value user typed and say mohammed is the password the encrypted data would not match to the password. Therefore password would be incorrect.
Now Let so You example by html form. I am gonna create new file copy and paste 5f4dcc3b5aa765d61d8327deb882cf99 this hash over into file we gonna called this hash.txt. So, obliviously it is unsecure way of saving password because someone could access it. However Now from index.php let the user enter value so we gonna create a form that allows the user to enter value the form will submit we gonna open hash.txt we gonna look content and we gonna see if password match hash string must be equal to password means if we type mohammed password will be incorrect if we type password it will be correct input.
code for Example MD5 Encryption
<?php
if (isset($_POST['user_password']) && !empty($_POST ['user_password'])) {
$user_password = $_POST['user_password'];
$filename = 'hash.txt';
$handle = fopen($filename,'r');
$file_password = fread ($handle,filesize($filename));
if ($user_password==$file_password) {
echo 'password ok!';
}else {
echo 'Incorrect password.';
}
}else {
echo 'Please enter a password.';
}
?>
<form action = "index.php" method="POST">
password: <input type="text" name="user_password"><br><br>
<input type="submit" value="submit">
</form>
Output
 |
| Screenshot3 |
 |
| Screenshot4 |
 |
| Screenshot5 |
 |
| Screenshot6 |
 |
| Screenshot7 |
Then with if condition we will check whether password is correct and form is be submitted. With isset function we will check whether form has been submitted with !empty function also we are checking that form is submitted is not empty It should filled. Now we will open up thid file called hash.txt and we want to grape value and we had to compare with the user input value. Then we will open file with fopen function by file handling in php. We are opening file to read the data in so we use r in file handling in php. Then we will convert user input into md5 function to check whether our password is correct in md5 function is equal same therefore we will check the user input value convert it to md5 function and will check with aur encrypted data which we had already converted and saved to hash.txt.
Now why we use password hashes in first place this md5 encryption whats the point using it. Why we need md5 function used ? . The reason is md5 function is not most secure form of hashing and is also not the most secure of encryption. It can be crack easily by checking. Lets say you had a database setup and there were lot's of username and password means you had a lot's of user on your website and you using an database now what happen's some one goes unauthorized access to your database what going happen is they are going to able to see your passwords if they are un-encrypted. If someone can view users password.
For example Screenshot6 and Screenshot7
In screenshot6 database i can easily use users password and username and login into it and In screenshot7 its difficult to anyone to login easily They can not convert MD5 function encrypted data because MD5 is one way encryption. There is no way that you can return this to there value that we called one way encryption.
No comments:
Post a Comment
Thanks For Comment Will get you Soon..