Password

Links for php scripts

Moderators: macek, egami, gesf

kiwi
New php-forum User
New php-forum User
Posts: 124
Joined: Sun Feb 29, 2004 6:26 am
Contact:

Password

Postby kiwi » Fri Jul 02, 2004 10:11 am

how to encryp and decryp a password ? and how to auto generate an ID number (6 digit) with 2 charater and 4 number? thanks

User avatar
swirlee
Moderator
Moderator
Posts: 2272
Joined: Sat Jul 05, 2003 1:18 pm
Location: A bunk in the back
Contact:

Postby swirlee » Fri Jul 02, 2004 10:36 am

Typically you encrypt passwords with an unique, irreversible hash like md5(), crc32(), or sha1(). You store the hashed password in your database and when the user enters the password to login, you hash it as well and see if they match. You don't decrypt them.

To generate unique ids, you can use uniqid(), but it won't return a number to your specification. When you say "with 2 characters and 4 numbers", what exactly do you mean? Is there a particular format you're after?

kiwi
New php-forum User
New php-forum User
Posts: 124
Joined: Sun Feb 29, 2004 6:26 am
Contact:

Postby kiwi » Fri Jul 02, 2004 10:58 am

the example is "MM0002",

encryp the password to prevent user to see,

but to decryp the password to check for validation when a user want to edit the password

any code to decryp a password?

User avatar
swirlee
Moderator
Moderator
Posts: 2272
Joined: Sat Jul 05, 2003 1:18 pm
Location: A bunk in the back
Contact:

Postby swirlee » Fri Jul 02, 2004 11:39 am

You never decrypt the password, because it's not necessary. If you encrypt the password the user enters on the login page, it will match the encrypted copy in the database, and you know it's correct. Allowing passwords to be decrypted presents too much of a security risk and no advantages.

Your example of an automatically-generated id ("MM0002") doesn't tell me anything. Are the numbers and letters random? Or sequential? Is the MM constant? How, exactly, do you want them generated?

kiwi
New php-forum User
New php-forum User
Posts: 124
Joined: Sun Feb 29, 2004 6:26 am
Contact:

Postby kiwi » Fri Jul 02, 2004 11:53 am

example is
1."MM0001"
2."MM0002"
3."MM0003"
...
...

...

...

...

thanks

User avatar
swirlee
Moderator
Moderator
Posts: 2272
Joined: Sat Jul 05, 2003 1:18 pm
Location: A bunk in the back
Contact:

Postby swirlee » Fri Jul 02, 2004 12:56 pm

So they all start with MM? Then why have the MM at all? Get rid of it and just use a MySQL AUTO_INCREMENT column.

Otherwise every time you do an INSERT you're going to have to look up the largest value, which is going to be a hassle and slow things down.

User avatar
WiZARD
Moderator
Moderator
Posts: 1257
Joined: Thu Jun 20, 2002 10:14 pm
Location: Ukraine, Crimea, Simferopol
Contact:

Postby WiZARD » Sat Jul 03, 2004 2:00 am

kiwi wrote:the example is "MM0002",

encryp the password to prevent user to see,

but to decryp the password to check for validation when a user want to edit the password

any code to decryp a password?

try use thi algorythm:

regitration:
1) inputed password
2) encryp the password and add to DB

validation:
1) inputed password
2) compare: user entered encryp(password) and DB record


Return to “PHP Scripts”

Who is online

Users browsing this forum: No registered users and 1 guest