So, I’ve been playing with the MySQL listserver program and I’m trying to get the account creation thing to work. If I don’t apply the MD5+Salt method, it will be sent to the table, but won’t work because it wasn’t sent through the method.
If I apply the method, I get an error.
Here’s without MD5+Salt:
<?php
$con = mysql_connect("#SQLHOSTIP#","#SQLUSERNAME#","#SQLPASSWORD#");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("#DATABASE#", $con);
$account=mysql_real_escape_string($_POST['q8_Account']);
$password=mysql_real_escape_string($_POST['q17_Password']);
$password2=mysql_real_escape_string($_POST['q18_VerifyPassword']);
$sql="INSERT INTO #USERSTABLE# (account,password,password2) VALUES ('$account','$password','$password2')";
if (!mysql_query($sql,$con)) {
die('Error: ' . mysql_error());
}
echo "User registration Accepted.";
mysql_close($con);
?>
Based on what I’ve read, here’s how I applied the MD5+salt
[code]<?php
$gr_sql = mysql_connect( “#SQLHOSTIP#”, “#SQLUSERNAME#”, “#SQLPASSWORD#” );
if (!$gr_sql) die(‘Could not connect: ’ . mysql_error());
mysql_select_db("#DATABASE#", $gr_sql);
$username = mysql_real_escape_string($_POST[‘q8_Account’]);
$gr_password = mysql_real_escape_string($_POST[‘q17_Password’]);
$gr_result = mysql_query("SELECT * FROM graal_users WHERE account=’" . $username . “’”);
$gr_salt = substr(md5(uniqid(rand(), true)), 0, 3);
$gr_pass = md5(md5($_POST[‘gr_password’]) . $gr_salt);
if ( mysql_num_rows($gr_result) == 0 )
{
# Insert new account.
mysql_query( “INSERT INTO graal_users (id, account, password, salt, activated) VALUES (’” . $userid . “’, '” . $username . “’, '” . $gr_pass . “’, '” . $gr_salt . “’, ‘1’)” );
}
?>[/code]
After I submit the data, I get a blank page and this gets added to my database table.
What am I doing wrong?
___Merged doublepost__________________
I solved the error and created a new problem. Editted my previous post accordingly.