Join Up! 104884 members and counting!

Login To PHPBuilder User Name: Password: Register A New Site Account * NOTE: This is for logging into the main site only! To login to the forums, click here

Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Hiermenus DatabaseJournal Technology Jobs Covalent Extends Apache 2.0 to Microsoft ASP.NET ShopWorX - Support for Windows PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1 Network Risk Assessment Full-Featured, Java-Based Apache GUI Using XML, a PHP Developer's Primer, Part 4: XML-RPC, PHP and Javascript PHP Web Blog - Part 3 PHP Basics: Intro to PHP The New PHP 5 Features for Constructors and Destructors Use the PHP Filter Extension to Validate User Data

php-general | 2000071

From: Chris Adams (chris <email protected>)
Date: 07/07/00

• Next message: Sebastian Bergmann: "Re: [PHP] File Size problems when uploading via PHP and Apache"
• Previous message: Chris Adams: "Re: [PHP] passwords"
• In reply to: Abdul-Kareem Abo-Namous: "Re: [PHP] passwords"
• Next in thread: scottrus <email protected>: "Re: [PHP] passwords"
• Reply: scottrus <email protected>: "Re: [PHP] passwords"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> thanks guys; let's see if i got it: i md5-encrypt the password string once
> and store the resulting string. i change the form method to post. as soon
as
> my script gets the username and password it encrypts the password again
and
> checks against the stored one. if they match and i don't want to work with
> cookies then i pass the username and encrypted password from page to page.

I'd avoid putting username/password in the form unless there's no
alternative. It'd be safer to use the PHP4 session library (which can be
used without cookies) for this sort of thing.

> btw, there doesn't seem to be a single built-in decryption function in
php,
> is there? not necessarily a bad thing...

Not in the core, no. There's the entire mcrypt library (See Encryption
Functions in the manual) which provides a number of encryption algorithms.

(BTW - md5() isn't encryption. It's a cryptographic hash because you can
never retrieve the input.)

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: php-general-unsubscribe <email protected>
For additional commands, e-mail: php-general-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>

• Next message: Sebastian Bergmann: "Re: [PHP] File Size problems when uploading via PHP and Apache"
• Previous message: Chris Adams: "Re: [PHP] passwords"
• In reply to: Abdul-Kareem Abo-Namous: "Re: [PHP] passwords"
• Next in thread: scottrus <email protected>: "Re: [PHP] passwords"
• Reply: scottrus <email protected>: "Re: [PHP] passwords"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Columns / Articles | Tips / Quickies | News | News Linking and RSS Feeds | Shared Code Library Mail Archives | Support / Discussion Forums | Get Started! Links | Contribute! | Docs