Is there away to take a md5 encrypted password and decrypt it and give that to the
client, if they
fogot their password.
=
dan mccullough
"Theres no such thing as a problem unless the servers are on fire!"
___
Hello,
What is the best way to encrypt/decrypt strings when passing between php
pages?
I am using md5 and currently get strings that produce "unprintable"
characters
or characters like slashes or other things that could interfere with the
passing
between php pages. (e.g.
http://server.asdf/actio
Hi there assume that I had a password field in md5 format like this
$1$uJ8d$jJKOHnfh^79824/.
how do i compare an input password to the password that I sore in database
so it can return right or wrong password
thanks
Yamin Prabudy
--
PHP General Mailing List (http://www.php.net/)
To unsubscri
On Wed, 5 Dec 2001, Dan McCullough wrote:
>-Is there away to take a md5 encrypted password and decrypt it and give that to the
>client, if they
>-fogot their password.
No.
>-
>-=
>-dan mccullough
>-
>-"Theres no such thing as a proble
<[EMAIL PROTECTED]>
Sent: Wednesday, December 05, 2001 2:21 PM
Subject: [PHP] md5 decrypt
> Is there away to take a md5 encrypted password and decrypt it and give
that to the client, if they
> fogot their password.
>
> =
> dan mccullough
> -
"Dan McCullough" <[EMAIL PROTECTED]> wrote:
> Is there away to take a md5 encrypted password and decrypt it and give
that to the client, if they
> fogot their password.
Short answer is no, long answer below. I just answered this on another list
10 minutes ago so I'm pasting in part of my reply u
>
>e.g.
>5V"g\7`Qv1Sc]aV&Q4a6#bW>SbU!f_4V1QvPaUe 5Q!c b
Something else is "helping" you.
MD5 output does not look like that.
MD5 is 32 hex chars, 0-9 and a-f
I have not tried passing MD5 values out to the browser though, it may be
the browser "helping". I use MD5 extensively on my spamwhack
I've run into this befor run base64_encode() on the string befor you pass it
around then base64_decode() after you get it where its going.
- James
> Hello,
>
> What is the best way to encrypt/decrypt strings when passing between php
> pages?
>
> I am using md5 and currently get strings that prod
Dan Harrington wrote:
> What is the best way to encrypt/decrypt strings when passing between
> php pages?
If your encryption is meant to be anything near secure, there is only
one way:
DON'T
GET or POST-Parameters are for user-input. Handing information over to
the client and taking it back la
>
>GET or POST-Parameters are for user-input. Handing information over to the
>client and taking it back later is a potential security leak. If you have
>no means of revalidating the information after it crossed the so called
>trust boundary, you should't do it.
>Send a handler, some random an
> If your encryption is meant to be anything near secure, there is only
> one way:
> DON'T
Well, this is true. I kinda just want to be able to pass things back and
forth without
giving the average user the ability to even have a clue as to what I am
doing. If
they can't see, they will have less
On Fri, 4 May 2001, Thimo von Rauchhaupt wrote:
> > Hi there assume that I had a password field in md5 format like this
> > $1$uJ8d$jJKOHnfh^79824/.
> > how do i compare an input password to the password that I sore in database
> >
> > so it can return right or wrong password
>
> Just compare t
I'd like to use php to do what I'm able to do in perl.
use String::Random;
use Crypt::PasswdMD5;
$foo = new String::Random;
$rand = $foo->randpattern("ss");
print "Type in your password: ";
$password = ;
$hash = unix_md5_crypt($password,$rand);
$salt = substr($hash,3,2);
print "SUBSTR: $s
Get Input password into $pwd
Get hashed password from db into $hashed_pwd
do compare like:
if (md5($pwd) == $hashed_pwd) { // good! }
""Yamin Prabudy"" <[EMAIL PROTECTED]> wrote in message
004901c0d462$ff394240$[EMAIL PROTECTED]">news:004901c0d462$ff394240$[EMAIL PROTECTED]...
> Hi there assume
> Hi there assume that I had a password field in md5 format like this
> $1$uJ8d$jJKOHnfh^79824/.
> how do i compare an input password to the password that I sore in database
>
> so it can return right or wrong password
Just compare the md5 hashed password with the md5 hashed string from the
datab
not sure if you've gotten any help on this yet. perhaps test the
CRYPT_SALT_LENGTH and CRYPT_MD5 constants to make sure that your system
and compiled php support md5 via crypt(). also, what salts did you try?
note the comments at the bottom of
http://php.net/manual/en/function.crypt.php about d
Well, I'm assuming, perhaps incorrectly that the perl modules I used
derived its md5 capabilities from the system. I did see all the comments
on the crypt() page and basically copied each one. When passing a md5
looking salt, crypt() doesn't seem to do anything special with it and my
salt remai
try:
or:
you should get output of 12 and 1 (not 2 and 0) if md5 is supported in
crypt(), i think.
you compiled php on the system it's running on? if you used a binary rpm
or something, and the system it was compiled on didn't support md5, then
it won't work.
-tcl.
On Tue, 17 Jul 2001,
On Tue, 17 Jul 2001, tc lewis wrote:
>
> try:
>
>
>
> or:
>
>
>
> you should get output of 12 and 1 (not 2 and 0) if md5 is supported in
> crypt(), i think.
>
> you compiled php on the system it's running on? if you used a binary rpm
> or something, and the system it was compiled on didn't s
On Tue, 17 Jul 2001, tc lewis wrote:
>
> try:
>
>
>
> or:
>
>
>
> you should get output of 12 and 1 (not 2 and 0) if md5 is supported in
> crypt(), i think.
Yeah, I'm getting 2 and 0. Lame. What's the answer to this.
-jeremy
> you compiled php on the system it's running on? if you used
On Tue, 17 Jul 2001, Jeremy Hansen wrote:
> On Tue, 17 Jul 2001, tc lewis wrote:
> > try:
> >
> >
> >
> > or:
> >
> >
> >
> > you should get output of 12 and 1 (not 2 and 0) if md5 is supported in
> > crypt(), i think.
>
> Yeah, I'm getting 2 and 0. Lame. What's the answer to this.
i'm not
On Tue, 17 Jul 2001, tc lewis wrote:
>
> On Tue, 17 Jul 2001, Jeremy Hansen wrote:
> > On Tue, 17 Jul 2001, tc lewis wrote:
> > > try:
> > >
> > >
> > >
> > > or:
> > >
> > >
> > >
> > > you should get output of 12 and 1 (not 2 and 0) if md5 is supported in
> > > crypt(), i think.
> >
> > Yea
This is all better now.
I compiled with libmcrypt and php-4.0.6 at the same time, so I'm not sure
exactly which caused the fix, but it works now. Also, the perl module I
was using seemed to generate "apache stype" md5 hash, which is another
reason why authenticating with postgres and md5 hashes
> Yeah, I'm getting 2 and 0. Lame. What's the answer to this.
Go back to your PHP source directory and start digging through config.log
and config.cache or even re-run the configure to see what's going on with
various crypt libraries.
If you installed them in a non-standard place, maybe PHP ju
Hello,
excuse my ignorance on that field, but if I use md5 in a java server page
(jsp), can I decrypt it
in php ? Is the implemantation of md5 the same on both language ?
py
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands,
Is mysql's PASSWORD() function secure for storing passwords?
Or should I use one of PHP's md5() or uniqid(), or even md5(uniqid()) ???
. Christian Dechery (lemming)
. http://www.tanamesa.com.br
. Gaita-L Owner / Web Developer
--
PHP General Mailing List (http://ww
Does anyone have a crypt() function that can use the $apr1$ prefixed
salt that apache's htpasswd uses?
David
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Hi,
I'm trying to rewrite a perl finction to php. The function uses Digest::MD5.
PHP md5() returns a 32 char hex number. The perl Digest::MD5 function
returns a 16 char (ascii??) string. Can I also get this from PHP? If so
how do I do that?
My ultimate goal is to have compatible PHP
> excuse my ignorance on that field, but if I use md5 in a java server page
> (jsp), can I decrypt it
> in php ? Is the implemantation of md5 the same on both language ?
Sure, but you don't decrypt md5. You md5 again and compare the two md5's
-Rasmus
--
PHP General Mailing List (http://www.p
;[EMAIL PROTECTED]>
Sent: Saturday, August 04, 2001 10:03 PM
Subject: Re: [PHP] md5 on different platform
> > excuse my ignorance on that field, but if I use md5 in a java server
page
> > (jsp), can I decrypt it
> > in php ? Is the implemantation of md5 the same on both language
Hello,
Don't know if this is a question of (mis)configuration; I'm posting this
just in case someone had run into this before:
PHP's native md5() appears to return a different value from Linux's md5sum
command:
[mavrekh ~]$ echo "blah" | md5sum
0d599f0ec05c3bda8c3b8a68c32a1b47 -
[mavrekh ~]$
The PHP one supports that if your OS does.
On Thu, 14 Mar 2002, David Ford wrote:
> Does anyone have a crypt() function that can use the $apr1$ prefixed
> salt that apache's htpasswd uses?
>
> David
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.p
On the same box, php is generating $1$ md5 hashes properly, two char and
$apr1$ hashes as DES. The htpassword is generating $apr1$ hashes.
Where is the gadget that needs fixed?
David
Rasmus Lerdorf wrote:
>The PHP one supports that if your OS does.
>
>On Thu, 14 Mar 2002, David Ford wrote:
>
Ah, PHP doesn't understand $apr1$ to be an md5 salt. Not quite sure why
Apache's htpasswd uses that salt instead of the standard $1$
On Thu, 14 Mar 2002, David Ford wrote:
> On the same box, php is generating $1$ md5 hashes properly, two char and
> $apr1$ hashes as DES. The htpassword is genera
On Sun, 16 Jun 2002, Danny Kruitbosch wrote:
>-Hi,
>-
>-I'm trying to rewrite a perl finction to php. The function uses Digest::MD5.
>-
>-PHP md5() returns a 32 char hex number. The perl Digest::MD5 function
>-returns a 16 char (ascii??) string. Can I also get this from
hehehyou forgot something :)
echo "blah" is actually "blah\n"
# echo -n "blah" |md5sum
6f1ed002ab5595859014ebf0951522d9 stdin
-d
Mikhail Avrekh wrote:
>Hello,
>
>Don't know if this is a question of (mis)configuration; I'm posting this
>just in case someone had run into this before:
>
>PH
36 matches
Mail list logo
