Membership management with password encryptionWe will learn here how to store encrypted password in the table. Before this in our basic Member signup & login script we have used varchar field to store the passwords of the users. For better security of our software we will encrypted the password by using MD5 encryption and then store the hash of the password string in the table. With this modification managing the script became little different as we can't retrieve the lost password. This part we will discuss separately at the second part of membership script. Now for this modification we have to change our basic membership signup script so we will discuss here what changes / updating are required to our pages for adding this feature.
With the popularity of Ajax , we have included this concept in our membership management script new versions. You can see the demo of signup and login forms
Length of the password field to store MD5 encrypted password
DEMO of Signup form using Ajax
In the present membership management software we have increase the filed size to 32. A varchar field of 32 lengths is required to store our passwords.
While inserting the member details to our member table we have to encrypt the password of the member before storing them in the table. Like this .
$password=md5($password); // Encrypt the password before storing
While checking the signup details of the member we have to check the email address used by the member is already there with us or not. So one more check above the other checks are added ( in comparison to basic script )
$query=mysql_query("insert into plus_signup(userid,password,email,name,sex) values('$userid','$password','$email','$name','$sex')");
Here we will be asking the visitor to enter his / her login id and password. Before checking the password with the table we have to encrypt it and then match the encrypted password along with the userid against the stored id and password in our membership table.
Change password page
Here once the password validation is cleared, we have to encrypt the password and then update the table with new password.
Forgot password feature.This is the most important part in member signup script where password is encrypted. We can't retrieve the lost password so we will use one activation key. We will discuss in detail in next section Part II.
User can update the membership details that was submitted at the time of signup. The data will be displayed with edit option to the users. After updating user gets a success message.