Solved

Display MD5 encrypted password in plain text in PHP

Posted on 2008-10-19
4
1,286 Views
Last Modified: 2013-12-13
I am writing a page that a user would be able to view their password in plain text (actually, this is for the site administrator), instead of in the MD5 encryption.  I am able to CREATE the password and encrypt it, but in this field, (and the subsequent query) I want it viewable.
if (isset($_POST['Submit'])){
 

//$year = $_POST['idx'];
 
 

$idx = $_POST['idx'];	
 

    $pass = $_POST["password"];

    $password = md5($pass);

	

$username = $_POST['username'];

$validated = $_POST['validated'];

$firstname = $_POST['firstname'];

$lastname = $_POST['lastname'];

$address = $_POST['address'];

$city = $_POST['city'];

$state = $_POST['state'];

$zip = $_POST['zip'];

$phone = $_POST['phone'];

$email = $_POST['email'];

$billing = $_POST['billing'];
 
 

$username = mysql_real_escape_string($username);

$password = mysql_real_escape_string($password);

$validated = mysql_real_escape_string($validated);

$firstname = mysql_real_escape_string($firstname);

$lastname = mysql_real_escape_string($lastname);

$address = mysql_real_escape_string($address);

$city = mysql_real_escape_string($city);

$state = mysql_real_escape_string($state);

$zip = mysql_real_escape_string($zip);

$phone = mysql_real_escape_string($phone);

$email = mysql_real_escape_string($email);

$billing = mysql_real_escape_string($billing);
 
 
 

$update_user = "UPDATE `user` SET

         `username` = '$username',

         `password` = '$password',		 

         `validated` = '$validated',

         `firstname` = '$firstname',

	     `lastname` = '$lastname',

	     `address` = '$address',

		 `city` = '$city',

		 `state` = '$state',

		 `zip` = '$zip',

		 `phone` = '$phone',

		 `email` = '$email',

	     `billing` = '$billing' WHERE `idx` ='$idx'";

         echo "<br><br>";

		 
 
 

         mysql_query($update_user) or die("Problem with this query");
 
 

////////////////////////////HERE IS THE ACTUAL FORM/////////////
 

			echo "<tr bgcolor=\"#DCDCDC\" align=\"left\"><td><b>Username:</b></td> ";

			echo "<td><input name=\"username\" type=\"text\" value=\"".$row['username']."\"  size='25' maxlength='60'  /></td></tr>";

			

			echo "<tr bgcolor=\"#DCDCDC\" align=\"left\"><td><b>Password:</b></td> ";

			echo "<td><input name=\"password\" type=\"text\" value=\"".$row['password']."\"  size='25' maxlength='60'  /></td></tr>";
 

			echo "<tr bgcolor=\"#DCDCDC\" align=\"left\"><td><b>Validated:</b></td> ";

			echo "<td><input name=\"validated\" type=\"text\" value=\"".$row['validated']."\"  size='25' maxlength='60'  /></td></tr>";

Open in new window

0
Comment
Question by:tru504187211
  • 2
4 Comments
 
LVL 28

Expert Comment

by:gamebits
ID: 22752650
MD5 is a one encryption method if you want to see it in plain text you will have to save it in plain text (or use another encryption method who is reversible).
0
 
LVL 28

Accepted Solution

by:
gamebits earned 250 total points
ID: 22752654
Correction

MD5 is a one way encryption ...
0
 
LVL 10

Assisted Solution

by:kukno
kukno earned 250 total points
ID: 22752681
MD5 is not an encryption algorithm, but a hash algorithm, which is NOT reversible. So, if you want to view the password in plain text, either store it in plain text, or use a symmetric encryption algorithm like 3DES, RC4 or AES.

Have a look at these tutorials:

http://www.ibm.com/developerworks/opensource/library/os-php-encrypt/
http://www.onlamp.com/pub/a/php/2001/07/26/encrypt.html

and also this:

www.php.net/mcrypt

Regards
Kurt


0
 

Author Closing Comment

by:tru504187211
ID: 31507636
Thanks guys!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now