Login - hash problem

Question

Hi, i have a login system for my game on unity, people need to register at the website then they can log into the game, on my website when they register the password comes to a salt hash in the db, so iam wondering how can this php script (password) convert what they type in game to a salt hash

 <?php
         $user_name = $_REQUEST['user_name'];
         $password = $_REQUEST['password'];
         
         $database = mysql_connect('localhost', '*******', '******') or die('Could not connect: ' . mysql_error());
         mysql_select_db('******') or die('Could not select database');
     
         $query="SELECT * FROM users WHERE user_name='".mysql_real_escape_string($user_name)."'AND password='".$password."'"; 
         $result=mysql_query($query);
     
         if (mysql_num_rows($result)>0) 
             echo "right";
         else
             echo "wrong";
     ?>

iam sorry for my english and i hope you understand and this is a part of my login script:

 string login_URL = loginURL + "?user_name=" + userNamez + "&password=" + passWordz;

Answer 1

Best Answer

Answer by Bunny83 · Oct 02, 2013 at 04:41 AM

You need the salt and hash the incoming password exactly the same way you did when saving it to the database. You hash it so it's not saved as plain text, you salt it so if someone got access to the database ( via SQL injection or whatever ) he can't use the saved hash in a rainbow table since he doesn't know your salt.

Add comment · Share

Login - hash problem

1 Reply

Your answer

Follow this Question

Related Questions