- SHA2(CONCAT('<THE PASSWORD>', salt), 256
The code works, it will insert data to the account table and it will encrypt the pass.
My guess is that this is not the good way to store Md5 and sha256.
If you have any ideas help would be appreciated
Connect.php
- <?php
- $connection = mysqli_connect('localhost', 'root','','osirose');
- // checking if it works
- if (mysqli_connect_errno()) {
- printf("could not connect to the database",mysqli_connect_error());
- exit();
- }
- ?>
Register.php
- <?php
- mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
- error_reporting(E_ALL);
- ini_set('display_errors', 1);
- require('connect.php');
- //we check if the user already exists (tbd)
- if (isset($_POST['username']) && isset($_POST['password'])){
- $username= $_POST['username'] ;
- $passtemp= $_POST['password'] ;
- $password = md5($passtemp);
- $salt = hash('sha256',$passtemp);
- // $query = "INSERT INTO 'accounts' (username,password,salt) VALUES ('$username','$password','$salt')" ;
- $sql = "INSERT INTO accounts (username, password, salt) VALUES ('$username', '$password', '$salt')";
- $query = mysqli_query($connection,$sql) ;
- if($query)
- {
- echo "Success executing : $sql";
- }
- else
- {
- echo "Failed executing : $sql";
- }
- }
- ?>