Eduardo Bejar wrote:
I have a MySQL database with encrypted passwords, that were created with:

$input_password = $_POST["password"];
$salt = "ab"; /// Salt is always two character string and the same for all
$password_to_save = crypt($input_password, $salt);

and then saved in MySQL with: insert into password_table set
passwd='$password_to_save'; (other columns are inserted also, but passwd is
the one related to this question).

Now, to check if a password is valid, I set $salt as the first two
characters of the stored encrypted password, and with this salt I crypt and
compare both:

$salt = substr ($password_stored_in_mysql, 0,2);
$password_to_check = crypt($input_password, $salt);

if ($password_to_check == $password_stored_in_mysql) echo "Password is the

This used to work on a PC that runs PHP 4.1.2 and MySQL 3.23.36. But when
trying this on other PC that runs PHP 4.3.11 and MySQL 3.23.58, I get no
password match, as $password_to_check is different from the one stored in
the database.

In example: $password_to_check shows "ab2vG8KakAAGY" and the stored one is

What could be causing this? How should I compare the passwords?
Thank you,


Instead of using PHP, use MySQL MD5 to encrypt the string. You could do the encryption on the insert and then when you want to check the password, use the MD5 on the select statement. I have done it both ways, and I perfer to use MySQL to do it.

My $.02 worth

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to