In php, password security is the essential needs for the users. Password never store in plain text, but it store different incrypt text for the security. Secure password is make our panel strong and prevents websites from being hacked.
md5() :
The md5() function is used to calculate the md5 hash of a string.
Syntax :
md5(input_string, raw_output) |
password_hash:
the password_hash function is that it will automatically generate a random salt that is cryptographically secure.
password_hash() function provides the facility to securely store the password of the user to the database.
Syntax :
password_hash($pass, PASSWORD_BCRYPT)
|
Example:
Connection.php
<?php $db_host = "localhost"; $db_name = "demo"; $db_pass = ""; $db_user = "root";
$con = mysqli_connect($db_host, $db_user, $db_pass, $db_name);
if (!$con){ die ('Failed to connect with server'); } ?> |
Form
<form action="pass.php" method="POST"> <label for="username">Username</label> <input type="text" name="username" required><br><br>
<label for="password">Password</label> <input type="password" name="password" required><br><br> <input type="submit" name="submit" value="submit"> </form>
|
Pass.php
<?php //Include database connection file include 'connection.php';
if (isset($_POST['submit'])){ $username = $_POST['username']; $pass = $_POST['password']; // Secure password using password_hash $password = password_hash($pass, PASSWORD_BCRYPT);
$sql = "INSERT INTO Admin (username, password) VALUES('$username', '$password')"; $result = mysqli_query($con, $sql); header("Location: secure_pass.php"); } ?> |
The second Parameter will contain PASSWORD_BCRYPT to make secure .
Output: