Ajax to create password hash

software development


The unique username verification works, so I’m not asking about that.
Javascript doesn’t do md5, so I’m attempting to farm it out with ajax here.
I can’t seem to get the syntax right for the part in blue.
I’m a rank beginner in javascript, so I could use a little help here.

// Test to see if there is an existing user by this name…
$(document).ready(function() {
$.post("…/assets/scripts/check.php", {
myID: $(’#myID’).val()
}, function(response){
setTimeout(“finishAjax(‘myIDResult’, '” escape(response) “’)”, 400);
return false;

[color=#0000CC]//Create md5 hash from string in field ‘password2’ and put it into hidden field ‘password’.
$.post("…/assets/scripts/hashpass.php", {
password2: $(’#password2’).val()
}, function(response){
return false;

function finishAjax(id, response) {
$(’#’ id).html(unescape(response));
$(’#’ id).fadeIn();
} //finishAjax

[/code]This is my php code in hashpass.php:

$password2 = $_POST[‘password2’]; // get the password
$password2 = trim(htmlentities($password2)); // strip some crap out of it

$myHashedPass = md5($password2);

return $myHashedPass;

?>[/code]From the form that where the fields exist:<input name="password2" id="password2" type="text" value="" size="32"/> <input name="password" id="password" type="text" value=""/>How do I word it so the hashed password gets inserted into hidden field ‘password’ on blur?
For purposes of diagnostics, I’ve left password as type=“text”.



Sending the cleartext password to a PHP script to take the MD5 loses you all the security that hashing the password gains you. However, there are Javascript implementations of MD5 available - here’s one: http://www.onicos.com/staff/iz/amuse/javascript/expert/md5.txt


Doh! you’re right! I’ll check it out. Thanks.


So, assuming I’ve sourced the suggested md5.js above my in-doc js thus:

I might try something like this instead:

//Create md5 hash from string in field ‘password2’ and put it into hidden field ‘password’.
var hashedpass = md5(document.form1.password2.value);
document.form1.password.value = hashedpass;

That doesn’t seem to work either.
Am I even close?