Hi,
Note from the manual:
PASSWORD() encryption is one-way (not reversible).
Also note:
===============================
Note
The PASSWORD() function is used by the authentication system in
MySQL Server; you should not use it in your own applications.
For that purpose, consider MD5() or SHA1() instead. Also see RFC 2195, section
2 (Challenge-Response Authentication Mechanism
(CRAM)), for more information about handling passwords and authentication
securely in your applications.
===============================
The way to do it is to encrypt the response password from the logon and compare
the encrypted versions; rather than decrypting for
the compare.
Gary
> -----Original Message-----
> From: Nasreen Laghari [mailto:[EMAIL PROTECTED]
> Sent: Sat, February 16, 2008 10:18 PM
> To: [email protected]
> Subject: [PHP-DB] Password decryption
>
>
> Hi,
>
> I'm junior in PHP and stuck on Encryption.
>
> I have encrypted password using SQL :
>
> $query = "insert into user (userid,password,) values
> ('$username',Password('$pass'));";
>
> Which is working perfect. Now I'm working on Login page where
> I have to compare passwords.. As password in database is
> encrypted so I need to decrypt it back for compression. I
> have tried the flowing but not working.
>
> if ($pwd != Password("$info['password']"))
> {
> echo("-----------------");
> //header("Location: abuse.php");
> }
>
> and
>
> if ($pwd != $info(Password("['password']"))
> {
> echo("-----------------");
> //header("Location: abuse.php");
> }
>
> Could any one please help..
>
> Thank you
>
>
>
> ______________________________________________________________
> ______________________
> Be a better friend, newshound, and
> know-it-all with Yahoo! Mobile. Try it now.
> http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
