views:

25

answers:

2

I've got a class called Membership, in which i have a two methods. The first one's called validateUser, and the second one is called encryptPass. The problem is that even though i call the encryptPass method, it returns the original password. In other words; it doesn't seem like it's actually returning the data or it's not calling the method correctly?

I'm new to OOP so don't judge me for not knowing very much now.

This is how it looks were i call the method:

  //validate password and hash it if valid
  if(strlen($password) > 25 || strlen($password) < 4) {
   $password = $this->encryptPass($password);
   $errorArray[] = "Löenordet måste vara mellan 4-25 tecken långt.";
  }

And this is how the actual encryptPass method looks like:

 function encryptPass($password) {
  $salt = substr($password, 2, 4);
  $password = md5(md5($password));
  $password = substr($password, 0, 20) . $salt . substr($password, 0, 20);
  $password = md5($password);
  return $password;
 }

I threw together a custom encryption algorithm as you can see, maybe i screwed up there somehow?

Thanks in advance!

+1  A: 

Your encryptPass() method isn't getting called unless your $password string is more than 25 characters or less than 4. Are you sure that's the correct logic?

Nick Shepherd
Nike
A: 

You're checking if(strlen($password) > 25 || strlen($password) < 4), which in English is "if the length of the string is greater than 25 or less than 4", which is probably not the correct logic. You probably meant to do

if (strlen($password) > 4 && strlen($password) < 25)

which would check for a password that is between 5 and 24 characters long, or

if (strlen($password) >= 4 && strlen($password) <= 25)

if you want to check for a password between 4 and 25 characters long.

Daniel Vandersluis