On Wed, 2 Jun 2004 16:02:45 -0700 Micah <[EMAIL PROTECTED]> wrote: > Thanks Paul and Jesse, > > I got it.. the php crypt() is the one to use.. in case anyone > else is hacking in php, here's what I found to work: > > $pwtype = the type as recorded in the encryption type field in > the user table. $user_password = the password as recorded in > the database.$pw = the supplied pw. > $pwout = the resulting string to compare to the database value. > > > $pwout = crypt($pw, substr($user_passwd, 0, 2));
Out of curiousity, what if you use the stored password as the salt itself? I would expect crypt() truncates it, saving you the hassle. -fr. -- Feargal Reilly, Codeshifter, Chrysalink Systems. ICQ: 109837009 | YIM: ectoraige PGP Key ID: 0xE721BBE6 (expires 06-Aug-2004) Visit http://ie.bsd.net/ - BSDs presence in Ireland
pgpCoOVpPz9u1.pgp
Description: PGP signature
