13

Actually i am creating changepassword page. and this is my function of checking old password is match with the existing password or not. And that password is stored in MD5 in database so i want to first convert that password in MD5 and after that i can check that password. Here is the code. 

function fnIsValidOldPassword()
{
var oldPassword = "";
var objUser = new Object();

objUser.UserID = <?php echo $_SESSION['UserId'] ?>;
$.ajax({
    type: "POST",
    url: "db.php?GetUser",
    data: {data:objUser},
    async:false,
    dataType:"json",
    success: function(response)
    {
        if(response.IsError)
            alert(response.ErrorMessage);
        else
            oldPassword = response.Records[0].Password;
    },
    error:function(message)
    {
        alert("Error: " + message);
    }
});

if($.md5($("#txtOldPassword").val())) != oldPassword)
         ^^ //here it shows error. that md5 is not a function.
{
    $("#errorPassword")[0].innerHTML = "Wrong Old Password.";
    $("#txtOldPassword").removeClass("successTextBox").addClass("errorTextBox");
    return false;
}

$("#txtOldPassword").removeClass("errorTextBox").addClass("successTextBox");
$("#errorPassword")[0].innerHTML = "";
return true;
}

md5 is not a function in jquery then how to convert the password in md5.

hakre
  • 193,403
  • 52
  • 435
  • 836
Khushang Bhavnagarwala.
  • 687
  • 3
  • 12
  • 24
  • 3
    You can use this: http://stackoverflow.com/questions/1655769/fastest-md5-implementation-in-javascript But beware: you should really use salted passwords! – mvp Sep 03 '13 at 06:04
  • you need to use a crypto library like [crypto-js](https://code.google.com/p/crypto-js/#MD5) – Arun P Johny Sep 03 '13 at 06:04
  • this link might help http://www.myersdaily.org/joseph/javascript/md5-text.html. Also why not just use md5 with php instead of js. – Class Sep 03 '13 at 06:05
  • 1
    You seem to be returning password from database to the user that is trying to login, very bad way of password checking. You need to send password to you server and check if it matches in database. – Igor Jerosimić Sep 03 '13 at 06:07
  • @IgorJerosimić it looks more like a change password implementation, still I believe it would be better to just send the value to the server and perform the check there? – omma2289 Sep 03 '13 at 06:08
  • 6
    The password hash (especially weak ones like md5) should remain on the server side, never to be leaked. – Ja͢ck Sep 03 '13 at 06:41
  • and how to decrypt md5 using jquery.? – Khushang Bhavnagarwala. Sep 03 '13 at 08:24

6 Answers6

18

jQuery doesnt have a method to provide the md5 of a string. So you need to use some external script. There is a plugin called jQuery MD5. and it gives you number of methods to achieve md5. Few of those are

Create (hex-encoded) MD5 hash of a given string value:

var md5 = $.md5('value');

Create (hex-encoded) HMAC-MD5 hash of a given string value and key:

var md5 = $.md5('value', 'key');

Create raw MD5 hash of a given string value:

var md5 = $.md5('value', null, true);

Create raw HMAC-MD5 hash of a given string value and key:

var md5 = $.md5('value', 'key', true);

This might do what you want... Check the snippet here. jQuery MD5

Ayyappan Sekar
  • 11,007
  • 2
  • 18
  • 22
  • @Ayyapan: Is there a way to decrypt the md5 encrypted string back to original string? – SSS Feb 10 '17 at 12:23
  • 1
    @SSS: You can not obtain the original string back from a md5 hashed string! http://stackoverflow.com/questions/12287704/how-to-reverse-md5-to-get-the-original-string – Ayyappan Sekar Feb 13 '17 at 04:04
  • How to make md5 decrypt? – KingRider Apr 19 '17 at 12:58
  • 1
    @KingRider: We can't decrypt md5 string to its plain text.http://stackoverflow.com/questions/8878388/how-to-convert-md5-string-to-normal-text – Ayyappan Sekar Apr 19 '17 at 14:54
  • 1
    @Ayyapan. md5 is not an encoding, it is a *checksum*. You can't take an MD5 back to the original. The md5 of something is only useful to compare to the md5 of something else - to tell you if it is the same or not. – Paul Jowett May 29 '17 at 07:29
9

Download and include this plugin

<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/md5.js"></script>

and use like

if(CryptoJS.MD5($("#txtOldPassword").val())) != oldPassword) {

}

//Following lines shows md5 value
//var hash = CryptoJS.MD5("Message");
//alert(hash);
Zac Grierson
  • 656
  • 1
  • 6
  • 21
MD SHAHIDUL ISLAM
  • 14,325
  • 6
  • 82
  • 89
4

You need additional plugin for this.

take a look at this plugin

Dipesh Parmar
  • 27,090
  • 8
  • 61
  • 90
1

Get the field value through the id and send with ajax

var field = $("#field").val();
$.ajax({
    type: "POST",
    url: "db.php",
    data: {variable_name:field},
    async:false,
    dataType:"json",
    success: function(response) {
       alert(response);
    }
 });

At db.php file get the variable name

$variable_name = $_GET['variable_name'];
mysql_query("SELECT password FROM table_name WHERE password='".md5($variable_name)."'");
user2727841
  • 715
  • 6
  • 21
1
<script src="http://crypto-js.googlecode.com/svn/tags/3.0.2/build/rollups/md5.js"></script>
<script>
    var passhash = CryptoJS.MD5(password).toString();

    $.post(
      'includes/login.php', 
      { user: username, pass: passhash },
      onLogin, 
      'json' );
</script>
Dilip Godhani
  • 2,065
  • 3
  • 18
  • 33
0

Fiddle: http://jsfiddle.net/33HMj/

Js:

var md5 = function(value) {
    return CryptoJS.MD5(value).toString();
}

$("input").keyup(function () {
     var value = $(this).val(),
         hash = md5(value);
     $(".test").html(hash);
 });
Avin Varghese
  • 4,340
  • 1
  • 22
  • 31