UPDATE members set passwd=PASSWORD(passwd); "select login from members where PASSWORD($form_pass)=passwd;"
Regards, Adnrey Hristov ----- Original Message ----- From: "Justin French" <[EMAIL PROTECTED]> To: "php" <[EMAIL PROTECTED]> Sent: Thursday, December 06, 2001 2:32 PM Subject: [PHP] encryption > Hi, > > Can someone give me a brief over view of how to encrypt a password and > store it in a MySQL DB, then be able to validate thier plain text > password on login against the encrypted one on the DB? > > > I'm guessing I: > > 1. encrypt the desired password with some sort of key (eg "blahblah") > which is hidden in a protected directory > > 2. write the encrypted password to the database > > > Next time the user logs in: > > 1. take thier plain-text password they submit to login > > 2. encrypt it with the same key > > 3. compare it to the one on the database > > > Or, is there something i'm missing, some sort of gaping big arse > security hole, or some set of functions which take care of a heap of > this stuff for me? > > If someone could point me to the right encryption tools / links / > tutorials, i'd be gratefull. > > > > TIA > > Justin French > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]