You can't unhash MD5.. it's one way only. You could encrypt something and 
unencrypt it later, but it's not clear what advantage you would get out of 
what you're saying. 

Perhaps I don't understand, but if you have a separate connection file, why 
would you need to pass a password at all? 


On Friday 25 February 2005 09:11 am, Bob Sherer wrote:
> You could programmatically build the connection string in the php
> connection file, couldn't you?  Have a line that sets a variable equal to
> the MD5 hashed value.  Then, build the connection string, applying a call
> to a function that unhashes the password.  That way, the password itself
> never appears in code.
> I don't know a thing about unhashing MD5 encrypted strings.  Sorry I can't
> help you there.  But, it sounds like you've already found that info.
> Good luck,
> Bob Sherer
> -----Original Message-----
> From: Jon-Eirik Pettersen [mailto:[EMAIL PROTECTED]
> Sent: Thursday, February 24, 2005 10:54 AM
> To: Gael Lams
> Cc:
> Subject: Re: [PHP-DB] password in md5 to connect to mysql instead of
> clear password
> On Thu, 24 Feb 2005 02:37:01 -0800 (PST), Gael Lams <[EMAIL PROTECTED]> 
> > Hi all
> >
> > I use the classic following rows to connect to a mysql
> > database. I always put $passsword in clear in the php
> > connection file and I wonder whether there is a way to
> > have it in md5 so that someone reading the file could
> > not use it to connect to the db. I googled a bit but
> > find only threads explaining how to have password
> > saved in md5 inside a mysql table which is not I would
> > like to do
> Because MySQL is using another password-hashing-algoritm other than
> MD5, as far as I know, it is not possible.

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to