How to Encrypt password using PHP Script

Question

How to Encrypt password in PHP, i am using below code to insert data into database using PHP code and i am able to store new member data but now i just want to encrypt user password..

PHP Script::

<?php
$objConnect = mysql_connect("localhost","root","");
$objDB = mysql_select_db("allah);


$strPassword = $_POST["sPassword"];
$strName = $_POST["sName"];


/*** Insert ***/
$strSQL = "INSERT INTO member (Password,Name)
VALUES (
'".$strPassword."',
'".$strName."',

)
";

$objQuery = mysql_query($strSQL);
if(!$objQuery)
{
$arr['StatusID'] = "0";
$arr['Message'] = "Cannot save data!";   
}
else
{
$arr['StatusID'] = "1";
$arr['Message'] = "Register Successfully!";
}

mysql_close($objConnect);
echo json_encode($arr);

?>

Answer 1

You can make use of crypt(); in php. It supports multiple hash types.
http://php.net/manual/en/function.crypt.php
Use prepared statements while doing a db query. (PDO or mysqli)

Answer 2

md5 is not safe anymore, sha should be used from now on. Take a look at http://php.net/manual/en/function.hash.php and use with sha256 or sha512

Answer 3

I believe that your question is very basic method of handling passwords to store in database. There are many views on this if you might have googled already. However these two links might be helpful .

Check this link for knowing all methods available. You need not to follow article but it gives all possible ways of password management.

another this question!

Answer 4

i am using this class for encrypt.

http://www.androidsnippets.com/encrypt-decrypt-between-android-and-php

Create a php file named MCrypt.php

<?php 

        class MCrypt
        {
                private $iv = 'fedcba9876543210'; #Same as in JAVA
                private $key = '0123456789abcdef'; #Same as in JAVA


                function __construct()
                {
                }

                function encrypt($str) {

                  //$key = $this->hex2bin($key);    
                  $iv = $this->iv;

                  $td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);

                  mcrypt_generic_init($td, $this->key, $iv);
                  $encrypted = mcrypt_generic($td, $str);

                  mcrypt_generic_deinit($td);
                  mcrypt_module_close($td);

                  return bin2hex($encrypted);
                }

                function decrypt($code) {
                  //$key = $this->hex2bin($key);
                  $code = $this->hex2bin($code);
                  $iv = $this->iv;

                  $td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);

                  mcrypt_generic_init($td, $this->key, $iv);
                  $decrypted = mdecrypt_generic($td, $code);

                  mcrypt_generic_deinit($td);
                  mcrypt_module_close($td);

                  return utf8_encode(trim($decrypted));
                }

                protected function hex2bin($hexdata) {
                  $bindata = '';

                  for ($i = 0; $i < strlen($hexdata); $i += 2) {
                        $bindata .= chr(hexdec(substr($hexdata, $i, 2)));
                  }

                  return $bindata;
                }

        }
?>

and include thi php file to where you use encrypt

include(MCrypt.php);

and then use

$mcrypt = new MCrypt();
#Encrypt
$encrypted = $mcrypt->encrypt("Text to encrypt");

one last thing to add don't forget to change

 $iv = 'fedcba9876543210'; 
 $key = '0123456789abcdef';

must be 16 characters

Answer 5

use mysql encription ,

AES_DECRYPT()    
AES_ENCRYPT()

for AES_ENCRYPT()

  SELECT   AES_ENCRYPT('mytext', 'mykeystring');  

for AES_DECRYPT

SELECT   AES_DECRYPT(AES_ENCRYPT('mytext','mykeystring'),  
'mykeystring');