Я создал систему регистрации / входа для своего веб-сайта. Он шифрует / солирует пароль. Дело в том, что для входа на мой сайт мне нужно ввести зашифрованный пароль, а не фактический пароль, с которым я подписался.
Resgister.php
<?php include 'header inc.php'; $error = ""; if (@$_POST['register']) { $firstname = strip_tags($_POST['firstname']); $lastname = strip_tags($_POST['lastname']); $username = strip_tags($_POST['username']); $email = strip_tags($_POST['email']); $password1 = strip_tags($_POST['password']); $password2 = strip_tags($_POST['passwordrepeat']); $day = strip_tags($_POST['day']); $month = strip_tags($_POST['month']); $year = strip_tags($_POST['year']); $dob = "$day/$month/$year"; if ($firstname == '') { echo "Firstname cannot be left empty."; } else if ($lastname == '') { echo "Lastname cannot be left empty."; } else if ($username == '') { echo "Username cannot be left empty."; } else if ($email == '') { echo "Email cannot be left empty."; } else if ($password1 == '') { echo "Password cannot be left empty."; } else if ($password2 == '') { echo "Repeat Password cannot be left empty."; } else if ($day == '') { echo "The day you were born cannot be left empty."; } else if ($month == '') { echo "The month you were born cannot be left empty."; } else if ($year == '') { echo "The year you were born cannot be left empty."; } else { //Check the username doesn't already exist $check_username = mysql_query("SELECT username FROM users WHERE username='$username'"); $numrows_username = mysql_num_rows($check_username); if ($numrows_username != 0) { echo 'That username has already been registered.'; } else { $check_email = mysql_query("SELECT email FROM users WHERE email='$email'"); $numrows_email = mysql_num_rows($check_email); if ($numrows_email != 0) { $error = 'That email has already been registered.'; } else { $salt1 = "francis"; $salt1 = md5($salt1); $salt2 = "cookie"; $salt2 = md5($salt2); $salt3 = "php"; $salt3 = md5($salt3); $password1 = $salt1.$password1.$salt3; $password1 = md5($password1.$salt2); $password2 = $salt1.$password2.$salt3; $password2 = md5($password2.$salt2); if ($password1 != $password2) { $error = 'The passwords don\'t match!'; } else { //Register the user $register = mysql_query("INSERT INTO users VALUES('','$firstname','$lastname','$username','$email','$password1','$dob','no')"); die('Regsitered successfully!'); } } } } } ?> <html> <head></head> <body> <h2 style="color:#848484;">Create Your Account</h2> <form action='join.php' method='POST'> <input type='text' name='firstname' onclick='value="" ' id='username1'/><p /> <input type='text' name='lastname' onclick='value=""'id='username1'/><p /> <input type='text' name='username'onclick='value=""'id='username1'/><p /> <input type='text' name='email' onclick='value=""'id='username1'/><p /> <input type='text' name='password' onclick='value=""'id='username1'/><p /> <input type='text' name='passwordrepeat' onclick='value=""'id='username1'/><p /> <input type='text' name='day' value='' size='3' maxlength='2' onclick='value=""'id='username1'/> <input type='text' name='month' value='' size='6' maxlength='2' onclick='value=""'id='username1'/> <input type='text' name='year' value='' size='4' maxlength='4' onclick='value=""'id='username1'/><p /> <input type='submit' name='register' value='Create Your Account'id='submit1' /> <?php echo $error; ?> </form> <img src="StayConnected.jpg" id="sc" name="Post" >
login.php
<?php include ( 'header inc.php' ); if (isset($_POST['username'])&&($_POST['password'])) { $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); $check_username = mysql_query("SELECT username FROM users WHERE username='$username'"); $numrows = mysql_num_rows($check_username); if ($numrows != 1) { echo 'That User doesn\'t exist.'; } else { $check_password = mysql_query("SELECT password FROM users WHERE password='$password' && username='$username'"); while ($row = mysql_fetch_assoc($check_password)) { $password_db = $row['password']; if ($password_db == $password) { $_SESSION['username'] = $username; header("Location: template.php"); } } } } ?> <h2 style="color:#848484;">    Login to Your Account</h2>            <form action='login.php' method='POST'>            <input type='text' name='username' id="username1"/><p />            <input type='text' name='password' id="username1"/><p />            <input type='submit' name='submit' value='Login to my Account' id="submit1" /> </form> <br> <br> <br> <br> <br> <br> <br> <br> <br> <img src="StayConnected.jpg" id="sc" >