Ok, so you can obtain a random result (thought that was what random()
was for), but still cannot understand how this could be usefull. I use
encrypt to store password info in a database, but how do you compare the
user entered password with the one in the database if the results vary
the whole time? Please give me an application for this behaviour and I
will be happy :-)
Tonu Samuel wrote:
>
> On Thu, 7 Jun 2001, Richard Ellerbrock wrote:
>
> > Looking at the encrypt function, it optionally takes a salt parameter. Using
>encrypt without specifying a salt yields random results:
> >
> > mysql> select encrypt('qwerty');
> > +-------------------+
> > | encrypt('qwerty') |
> > +-------------------+
> > | V/3Wzqmp93fts |
> > +-------------------+
> > 1 row in set (0.00 sec)
> >
> > mysql> select encrypt('qwerty');
> > +-------------------+
> > | encrypt('qwerty') |
> > +-------------------+
> > | W/55RyU1LdYN6 |
> > +-------------------+
> > 1 row in set (0.00 sec)
> >
> > How is this useful? Looking at the C crypt manpage, you MUST specify a salt:
> >
> > char *crypt(const char *key, const char *salt);
> >
> > So where does mysql get its salt from? Is it a random salt? This confused the hell
>our of me for around an hour!
>
> You should look MySQL manual not C crypt manpage ;). And yes, thisis
> random salt and makes life little bit more secure.
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
