Curtis Maurand wrote:
need to encrypt data and then retrieve it later (credit card data). I couldJust to be a security nut, you shouldn't use the encryption functions in MySQL at all unless you're always connecting (guaranteed) to the server as localhost (and always will be). You should always do your encryption/decryption/hashing in your program and then do the queries based on that data. Download a copy of mcrypt and mhash and you'll see that they're quite easy to use. openssl is another option if you feel so inclined.
probably pass it through and md5 or des function via openssl I suppose and
then store it. Perl and PHP both have functions to handle that.
For example:
$pass = "...";
$pass_md5 = md5sum($pass);
mysql_query('update users set password = "$pass_md5" where id = $id');
or
$res = mysql_query('select password from users where id = $id');
$row = mysql_fetch_array($res);
if ($row['password'] != $pass_md5) die("Bad password");
This way, the data going over the MySQL link is already secure before it goes over your network or leaves your program.
--
Michael T. Babcock
C.T.O., FibreSpeed Ltd.
http://www.fibrespeed.net/~mbabcock
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
