Xtry
asked on
Crypting cooking information!
Ok this is what I did:
1. Put the $username, Crypt($password) in the cookie file
2. When I read it, I need 2 verify the same password with the one on MySQL database but I see that mysql has no Crypt function!
Is there any other way of doing the same thing that I have mentioned here!
1. Put the $username, Crypt($password) in the cookie file
2. When I read it, I need 2 verify the same password with the one on MySQL database but I see that mysql has no Crypt function!
Is there any other way of doing the same thing that I have mentioned here!
ASKER
is md5 1 way encryption?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
@ frugle
Agreed with regards to base64, MD5 is the better method but described above it will mean more modification to the system so i was looking towards an easier alternative.
>> most people can decode base64 in their heads
Maybe so for advanced computer literate users but I doubt most computer users have even heard of base64 (refering to the average user)... and for that matter probably wont know that much about cookies. The actual cookie is also restricted to the local machine so its not that easily accessible.
Nonetheless i am not promoting using base64, MD5 should be used but as i said before it means updating the password field in the database rather then just modifying the script.
Agreed with regards to base64, MD5 is the better method but described above it will mean more modification to the system so i was looking towards an easier alternative.
>> most people can decode base64 in their heads
Maybe so for advanced computer literate users but I doubt most computer users have even heard of base64 (refering to the average user)... and for that matter probably wont know that much about cookies. The actual cookie is also restricted to the local machine so its not that easily accessible.
Nonetheless i am not promoting using base64, MD5 should be used but as i said before it means updating the password field in the database rather then just modifying the script.
ASKER
Cant I just do something like encrypt the password with MD5 and rather than changing all the passwords in the database do this:
SELECT * FROM `userdb` WHERE `username` = '$usernameFromCookie' AND md5(`password`) = '$md5EncryptedPasswordFrom Cookie';
SELECT * FROM `userdb` WHERE `username` = '$usernameFromCookie' AND md5(`password`) = '$md5EncryptedPasswordFrom
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Try using md5() instead of crypt
Cheers!