View Single Post
Old 05-23-07, 07:56 PM   #16
evilghost
Registered User
 
Join Date: Jul 2005
Posts: 3,606
Default Re: Need a non-functional PHP login box

Quote:
Originally Posted by ViN86
the password() function is a hash function as well. it's inside MySQL i believe.

EDIT:
http://dev.mysql.com/doc/refman/5.0/en/user-names.html

actually, it appears to be its own encryption function in MySQL. i found a way to call the function outside of MySQL. i assume i just use that function instead of the md5() call?
http://us.php.net/mysql
This really comes down to preference but I prefer md5 as a one-way hash versus an encrypted string for two reasons, first is there isn't a decryption method (aside from brute-force or something like an md5 dictionary) and second because if I md5() user input I am also successfully escaping it and preventing SQL injection as opposed to having to call mysql_escape_string() and then pass the escaped sequence for encryption against the database.

Again, all preference.
evilghost is offline   Reply With Quote