On Wednesday 08 July 2009 04:25:46 Carl Furst wrote:
These are great ideas.
Another option would be to have the user choose a pin number and use
either the literal pin or the encrypted pin as part of the salt. This
way only when you change the pin do you need to change the password,
which is
On Tue, Jul 7, 2009 at 11:05 PM, Michael A. Petersmpet...@mac.com wrote:
Carl Furst wrote:
?
$salt = 'someglobalsaltstring'; # the salt should be the same salt used
when storing passwords to your database otherwise it won't work
$passwd = crypt($_GET['passwd'], $salt);
I personally use
$sql = 'SELECT * FROM your-table WHERE username = \''. $username .'\'
and passwd = md5( concat( \'' . $username .'\', \'@\', \'' . $password
.'\'))';
I use this solution because md5 run faster in Mysql
On Wed, Jul 8, 2009 at 10:28 AM, Andrew Ballardaball...@gmail.com wrote:
On Tue, Jul 7, 2009
First, a reminder to several (including some in this thread) that
top-posting is against the law here.
On Wed, Jul 8, 2009 at 09:48, Martin Scottamartinsco...@gmail.com wrote:
$sql = 'SELECT * FROM your-table WHERE username = \''. $username .'\'
and passwd = md5( concat( \'' . $username
On Wed, Jul 8, 2009 at 9:48 AM, Martin Scottamartinsco...@gmail.com wrote:
$sql = 'SELECT * FROM your-table WHERE username = \''. $username .'\'
and passwd = md5( concat( \'' . $username .'\', \'@\', \'' . $password
.'\'))';
I use this solution because md5 run faster in Mysql
--
Martin
On Wed, Jul 8, 2009 at 10:44 AM, Andrew Ballardaball...@gmail.com wrote:
On Wed, Jul 8, 2009 at 9:48 AM, Martin Scottamartinsco...@gmail.com wrote:
$sql = 'SELECT * FROM your-table WHERE username = \''. $username .'\'
and passwd = md5( concat( \'' . $username .'\', \'@\', \'' . $password
Daniel Brown wrote:
First, a reminder to several (including some in this thread) that
top-posting is against the law here.
On Wed, Jul 8, 2009 at 09:48, Martin Scottamartinsco...@gmail.com wrote:
$sql = 'SELECT * FROM your-table WHERE username = \''. $username .'\'
and passwd = md5(
Michael A. Peters wrote:
Daniel Brown wrote:
First, a reminder to several (including some in this thread) that
top-posting is against the law here.
On Wed, Jul 8, 2009 at 09:48, Martin Scottamartinsco...@gmail.com
wrote:
$sql = 'SELECT * FROM your-table WHERE username = \''. $username
On Wed, Jul 8, 2009 at 11:53 AM, PJaf.gour...@videotron.ca wrote:
Michael A. Peters wrote:
Daniel Brown wrote:
First, a reminder to several (including some in this thread) that
top-posting is against the law here.
On Wed, Jul 8, 2009 at 09:48, Martin Scottamartinsco...@gmail.com
wrote:
No it isn't. That's just your personal preference. Mine is different.
--
Tony Marston
http://www.tonymarston.net
http://www.radicore.org
PJ af.gour...@videotron.ca wrote in message
news:4a54c0e8.2080...@videotron.ca...
Michael A. Peters wrote:
Daniel Brown wrote:
First, a reminder to
On Wed, Jul 8, 2009 at 12:14, Tony Marstont...@marston-home.demon.co.uk wrote:
No it isn't. That's just your personal preference. Mine is different.
Uhh Tony, if that's in response to me, you're wrong. Please
read the rules before posting what you believe to be fact. ;-P
--
/Daniel
What rules? I never agreed to abide by any rules before I started posting to
this group. My newsreader assumes top posting by default, so I have been top
posting for the past 10 years. If you don't like it then it is your problem,
not mine.
--
Tony Marston
http://www.tonymarston.net
On Wed, Jul 8, 2009 at 12:38, Tony Marstont...@marston-home.demon.co.uk wrote:
What rules? I never agreed to abide by any rules before I started posting to
this group. My newsreader assumes top posting by default, so I have been top
posting for the past 10 years. If you don't like it then it is
I do not regard that as a concrete rule, and certainly not one worth
bothering about. Lots of newsgroups I visited before coming here allowed top
posting, so it is arrogant for someone to say I personally don't like top
posting, so I'll make a rule that disallows it. A sensible rule, and one
On Wed, Jul 8, 2009 at 12:50 PM, Daniel Browndanbr...@php.net wrote:
On Wed, Jul 8, 2009 at 12:38, Tony Marstont...@marston-home.demon.co.uk
wrote:
What rules? I never agreed to abide by any rules before I started posting to
this group. My newsreader assumes top posting by default, so I have
On Wed, Jul 8, 2009 at 13:02, Tony Marstont...@marston-home.demon.co.uk wrote:
I do not regard that as a concrete rule, and certainly not one worth
bothering about. Lots of newsgroups I visited before coming here allowed top
posting, so it is arrogant for someone to say I personally don't like
On Wed, 2009-07-08 at 13:03 -0400, Bastien Koert wrote:
On Wed, Jul 8, 2009 at 12:50 PM, Daniel Browndanbr...@php.net wrote:
On Wed, Jul 8, 2009 at 12:38, Tony Marstont...@marston-home.demon.co.uk
wrote:
What rules? I never agreed to abide by any rules before I started posting
to
this
I do not follows rules which cannot be justified beyond the expression It
is there, so obey it! Why is it there? What are the alternatives? What harm
does it do? What happens if the rule is disobeyed? Top posting existed in
the early days of the internet, and for a logical reason. Then some
On Wed, Jul 8, 2009 at 3:06 PM, Tony
Marstont...@marston-home.demon.co.uk wrote:
[snip]
I don't like this rule, so I choose to disobey it.
Now that's some scary ideology.
Andrew
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
just an observation here, but are we not getting close to breaking another
rule?
Do not high-jack threads, by bringing up entirely new topics. Please create
an entirely new thread copying anything you wish to quote into the new
thread.
I know some feel this is important but if i was searching
From: Tony Marston
I do not follows rules which cannot be justified beyond the expression
It
is there, so obey it! Why is it there? What are the alternatives?
What harm
does it do? What happens if the rule is disobeyed? Top posting existed
in
the early days of the internet, and for a
On Wed, Jul 08, 2009 at 03:23:49PM -0400, Bob McConnell wrote:
From: Tony Marston
I do not follows rules which cannot be justified beyond the expression
It
is there, so obey it! Why is it there? What are the alternatives?
What harm
does it do? What happens if the rule is disobeyed?
Andrew Ballard wrote:
On Wed, Jul 8, 2009 at 11:53 AM, PJaf.gour...@videotron.ca wrote:
Michael A. Peters wrote:
Daniel Brown wrote:
First, a reminder to several (including some in this thread) that
top-posting is against the law here.
On Wed, Jul 8, 2009 at 09:48,
Tony Marston wrote:
I do not follows rules which cannot be justified beyond the expression It
is there, so obey it! Why is it there? What are the alternatives? What harm
does it do? What happens if the rule is disobeyed?
Damn, isn't life frustrating... in case no one has noticed, 99 % of the
Paul M Foster wrote:
On Wed, Jul 08, 2009 at 03:23:49PM -0400, Bob McConnell wrote:
From: Tony Marston
I do not follows rules which cannot be justified beyond the expression
It
is there, so obey it! Why is it there? What are the alternatives?
What harm
On Wed, Jul 8, 2009 at 4:45 PM, PJaf.gour...@videotron.ca wrote:
Andrew Ballard wrote:
On Wed, Jul 8, 2009 at 11:53 AM, PJaf.gour...@videotron.ca wrote:
I have a couple of questions/comments re all this:
[snip]
2. Cleaning is another bloody headache, for me anyway. I have found that
almost
Try again, and include the actual link this time, dummy. :-)
On Wed, Jul 8, 2009 at 5:30 PM, Andrew Ballardaball...@gmail.com wrote:
On Wed, Jul 8, 2009 at 4:45 PM, PJaf.gour...@videotron.ca wrote:
Andrew Ballard wrote:
On Wed, Jul 8, 2009 at 11:53 AM, PJaf.gour...@videotron.ca wrote:
I have
The basic model for password authentication is to use one way crypt
routines. MySql has several, PHP also has them. The basic algorithm
would be like this:
1) read the password from the form.
2) read the password from you datastore that matches the user name or
session
3) encrypt the
PJ wrote:
Jason Carson wrote:
On Mon, Jul 6, 2009 at 02:19, Jason Carsonja...@jasoncarson.ca wrote:
ok, I have two sets of scripts here. One uses setcookie() for logging
into
the admin panel and the other uses session_start(). Both are working
fine,
is one more secure than
The basic model for password authentication is to use one way crypt
routines. MySql has several, PHP also has them. The basic algorithm
would be like this:
1) read the password from the form.
2) read the password from you datastore that matches the user name or
session
3) encrypt the password on
Carl Furst wrote:
The basic model for password authentication is to use one way crypt
routines. MySql has several, PHP also has them. The basic algorithm
would be like this:
1) read the password from the form.
2) read the password from you datastore that matches the user name or
session
3)
These are great ideas.
Another option would be to have the user choose a pin number and use
either the literal pin or the encrypted pin as part of the salt. This
way only when you change the pin do you need to change the password,
which is probably what you would want anyway.
Michael A. Peters
Carl Furst wrote:
?
$salt = 'someglobalsaltstring'; # the salt should be the same salt used
when storing passwords to your database otherwise it won't work
$passwd = crypt($_GET['passwd'], $salt);
I personally use the username and the salt.
That way two users with identical passwords have
On Mon, Jul 6, 2009 at 1:45 AM, Jason Carsonja...@jasoncarson.ca wrote:
Hello everyone,
I am trying to create a PHP login script using cookies but am having
some
troubles. Here is my setup
  index.php - authenticate.php - admin.php
I want a login form on index.php that allows me to
On Mon, Jul 6, 2009 at 2:01 AM, Jason Carsonja...@jasoncarson.ca wrote:
On Mon, Jul 6, 2009 at 1:45 AM, Jason Carsonja...@jasoncarson.ca wrote:
Hello everyone,
I am trying to create a PHP login script using cookies but am having
some
troubles. Here is my setup
index.php -
On Mon, Jul 6, 2009 at 2:01 AM, Jason Carsonja...@jasoncarson.ca wrote:
On Mon, Jul 6, 2009 at 1:45 AM, Jason Carsonja...@jasoncarson.ca
wrote:
Hello everyone,
I am trying to create a PHP login script using cookies but am having
some
troubles. Here is my setup
  index.php -
On Mon, Jul 6, 2009 at 02:19, Jason Carsonja...@jasoncarson.ca wrote:
ok, I have two sets of scripts here. One uses setcookie() for logging into
the admin panel and the other uses session_start(). Both are working fine,
is one more secure than the other?
$_COOKIE data is written to a file
On Mon, Jul 6, 2009 at 02:19, Jason Carsonja...@jasoncarson.ca wrote:
ok, I have two sets of scripts here. One uses setcookie() for logging
into
the admin panel and the other uses session_start(). Both are working
fine,
is one more secure than the other?
$_COOKIE data is written to a
Jason Carson wrote:
On Mon, Jul 6, 2009 at 02:19, Jason Carsonja...@jasoncarson.ca wrote:
ok, I have two sets of scripts here. One uses setcookie() for logging
into
the admin panel and the other uses session_start(). Both are working
fine,
is one more secure than the other?
Jason Carson wrote:
On Mon, Jul 6, 2009 at 02:19, Jason Carsonja...@jasoncarson.ca wrote:
ok, I have two sets of scripts here. One uses setcookie() for logging
into
the admin panel and the other uses session_start(). Both are working
fine,
is one more secure than the other?
$_COOKIE
On Mon, Jul 06, 2009 at 12:03:34AM -0400, Jason Carson wrote:
Hello everyone,
I am trying to create a PHP login script using cookies but am having some
troubles. Here is my setup
index.php - authenticate.php - admin.php
I want a login form on index.php that allows me to login with
Hello everyone,
I am trying to create a PHP login script using cookies but am having some
troubles. Here is my setup
index.php - authenticate.php - admin.php
I want a login form on index.php that allows me to login with my username
and password and then passes $_POST['username'] and
Hello everyone,
I am trying to create a PHP login script using cookies but am having
some
troubles. Here is my setup
index.php - authenticate.php - admin.php
I want a login form on index.php that allows me to login with my
username
and password and then passes $_POST['username'] and
On Mon, Jul 6, 2009 at 1:45 AM, Jason Carsonja...@jasoncarson.ca wrote:
Hello everyone,
I am trying to create a PHP login script using cookies but am having some
troubles. Here is my setup
index.php - authenticate.php - admin.php
I want a login form on index.php that allows me to login
44 matches
Mail list logo