spot7.org logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML Categories

Issue with PHP/MYSQLi Password validation using salt


First, you have some confusing variable naming here - you use $password to represent both the plaintext password and the salt-and-hashed representation. That makes it harder to read your code.

Second, let's look at your code as a series of states to find where they might be going wrong:

  1. Password entry. Is the same string being passed in both cases? Have you paid attention to whitespace and capitalization? Use a debugger to verify. If the plaintext password is not byte-for-byte identical, the initial sha256 hash should show differences at this point.
  2. Salt generation/retrieval. Did you save/retrieve the exact same salt, byte-for-byte? Again, watch for whitespace/capitalization and also check that your database isn't silently truncating or changing the encoding for the string.
  3. Compare the strings after they have been concatenated but before the second sha256 hash operation. By definition, since the final output is different, either your plaintext password or salt is not byte-for-byte identical. This will help you tell if one or both are the culprits.

Categories : PHP

Related to : Issue with PHP/MYSQLi Password validation using salt
Password Validation - Spaces
You were typing the username into the cin that checked if e was pressed and also typing into the cin.getline(...). I came to this conclusion when you commented that Typing in "1 1" gives me 32 and 49 (space in the middle) Typing in "1 1" should have resulted with the ints 49 32 49 being output. Because you cast your characters to int's in the ouput statement. In ASCII the character 1 is equ

Categories : C++
Slow password history validation using BCrypt
The BCrypt algorithm was designed precisely to be slow, with the cost factor you can determine how much time is needed to calculate a password hash. This "slowness" is the only way to thwart brute-force attacks. If there was a way to speed up this process, an attacker would surely make use of it. So no there is no way to make short cuts here.

Categories : Misc
500 Internal Server Error, but works fine on localhost - $mysqli = new mysqli
Finally I fixed the problem. It was the [0] causing the issue, because the php version on my server doesn't support that statement, so I had to change it like this: $filename = array_values(mysqli_fetch_array($mysqli->query("SELECT name FROM filename"))); $filename = $filename[0];

Categories : PHP
Mongoose/Nodejs validation error handling, memory leak issue
What's happening is that with an invalid document, the x.save async operation completes immediately, calling its callback as soon as its parent addEntry function call completes. This leaves no chance for garbage collection to run and the memory usage keeps growing. To fix this, put the recursive addEntry call within a call to setImmediate to give GC a chance to run between iterations: addEntry

Categories : Node Js
Hide Password From Console Window Java Asterisk Password Or Block Inputted String Being Displayed
Use java.io.Console.readPassword() method See API in below link https://docs.oracle.com/javase/7/docs/api/java/io/Console.html

Categories : Java
Recently Add
Cartesian product of associative array showing key and value - PHP
Datamapper orm save and update not working
find methods in COM object
PHP Keyword search not working with multiple words
Set a total based on items ordered, two types, and sometimes one type will not be ordered.
FB request to join a group, going around their official SDK
Using Google charts with php data?
OAuth2 integration with ExactOnline
libvirt-php receives the error: unable to connect to server Permission denied
How to echo results by sets of 2?
Why does PHP's sprintf not round 5s reliably?
php replace affects on replaced string
PHP Find and replace multiple similar entries
Replace PHP date output with pre-made images
How to install Laravel 4 packages on Windows
Using updateOrCreate for multiple data insert in Laravel
Storing products in a MYSQL database and then search and filter them?
Create order with PrestaShop's API
how to get latest messages from all users
Yii CMultiFileUpload Restrict Image width
Combine array by key factor
Semicolon after if condition in PHP - code still works
Get date using day of the week
soap web service with symfony
Seasonal Reservation system Day/month
is it possible to join a single table it self?
Attempting to compare two arrays PHP
Sticky Select Option
Eventbrite duplicate event entry
Pagination Not Working on custom post type in Wordpress
© Copyright 2017 spot7.org Publishing Limited. All rights reserved.