Just use the password() function, which will return a nice 16-byte 1-way encrypted
string.
On Fri, 08 Jun 2001 00:04:18 -0700
Richard Ellerbrock <[EMAIL PROTECTED]> wrote:
> Ok, so you can obtain a random result (thought that was what random()
> was for), but still cannot understand how this could be usefull. I use
> encrypt to store password info in a database, but how do you compare the
> user entered password with the one in the database if the results vary
> the whole time? Please give me an application for this behaviour and I
> will be happy :-)
>
> Tonu Samuel wrote:
> >
> > On Thu, 7 Jun 2001, Richard Ellerbrock wrote:
> >
> > > Looking at the encrypt function, it optionally takes a salt parameter. Using
>encrypt without specifying a salt yields random results:
> > >
> > > mysql> select encrypt('qwerty');
> > > +-------------------+
> > > | encrypt('qwerty') |
> > > +-------------------+
> > > | V/3Wzqmp93fts |
> > > +-------------------+
> > > 1 row in set (0.00 sec)
> > >
> > > mysql> select encrypt('qwerty');
> > > +-------------------+
> > > | encrypt('qwerty') |
> > > +-------------------+
> > > | W/55RyU1LdYN6 |
> > > +-------------------+
> > > 1 row in set (0.00 sec)
> > >
> > > How is this useful? Looking at the C crypt manpage, you MUST specify a salt:
> > >
> > > char *crypt(const char *key, const char *salt);
> > >
> > > So where does mysql get its salt from? Is it a random salt? This confused the
>hell our of me for around an hour!
> >
> > You should look MySQL manual not C crypt manpage ;). And yes, thisis
> > random salt and makes life little bit more secure.
>
> ---------------------------------------------------------------------
> Before posting, please check:
> http://www.mysql.com/manual.php (the manual)
> http://lists.mysql.com/ (the list archive)
>
> To request this thread, e-mail <[EMAIL PROTECTED]>
> To unsubscribe, e-mail <[EMAIL PROTECTED]>
> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php