Looking at the encrypt function, it optionally takes a salt parameter. Using encrypt
without specifying a salt yields random results:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1732533 to server version: 3.23.37-log
Type 'help;' or '\h' for help. Type '\c' to clear the buffer
mysql> select encrypt('qwerty');
+-------------------+
| encrypt('qwerty') |
+-------------------+
| V/3Wzqmp93fts |
+-------------------+
1 row in set (0.00 sec)
mysql> select encrypt('qwerty');
+-------------------+
| encrypt('qwerty') |
+-------------------+
| W/55RyU1LdYN6 |
+-------------------+
1 row in set (0.00 sec)
How is this useful? Looking at the C crypt manpage, you MUST specify a salt:
char *crypt(const char *key, const char *salt);
So where does mysql get its salt from? Is it a random salt? This confused the hell our
of me for around an hour!
--
Richard Ellerbrock
[EMAIL PROTECTED]
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php