can some one knows

marlyandedsel · 12/02/2010, 07:19

my password in my pserver is

password: 1041978372005
in my mysql it is ??????T??}?OB

if i'm going to create register page
and register the password which is

password: hello
in my mysql it is hello

how to convert it like the above or something like that..

thanks in advance ....

~~pro4never~~ · 12/02/2010, 09:16

Sounds like your source is using encrypted passwords in the database.

You can do one of three things.

#1: Encrypt the password before adding it to the database. Requires decent knowledge of php or use an existing register script that has it

#2: Don't enter a password to the database and simply set it on user first login (check if db password blank and then set it to the encrypted password received from the client)

#3: Don't encrypt database passwords. Do this through decrypting the password before checking it vs database password.

Simple stuff really.

marlyandedsel · 12/02/2010, 09:22

Quote:

Originally Posted by pro4never

Sounds like your source is using encrypted passwords in the database.

You can do one of three things.

#1: Encrypt the password before adding it to the database. Requires decent knowledge of php or use an existing register script that has it

#2: Don't enter a password to the database and simply set it on user first login (check if db password blank and then set it to the encrypted password received from the client)

#3: Don't encrypt database passwords. Do this through decrypting the password before checking it vs database password.

Simple stuff really.

i will try your advice

Basser · 12/02/2010, 15:16

Quote:

Originally Posted by pro4never

Sounds like your source is using encrypted passwords in the database.

You can do one of three things.

#1: Encrypt the password before adding it to the database. Requires decent knowledge of php or use an existing register script that has it

#2: Don't enter a password to the database and simply set it on user first login (check if db password blank and then set it to the encrypted password received from the client)

#3: Don't encrypt database passwords. Do this through decrypting the password before checking it vs database password.

Simple stuff really.

Easy? Maybe if you take the crypto from some public source, but if you don't, it won't be that easy. Except for method 2, which since the new password cryptography was added is a very bad method.

JobvdH · 12/02/2010, 15:18

Quote:

Originally Posted by Basser

Easy? Maybe if you take the crypto from some public source, but if you don't, it won't be that easy. Except for method 2, which since the new password cryptography was added is a very bad method.

Uhh yes maybe easy for him, but for some "Dummy Coders" its hard..

~~pro4never~~ · 12/03/2010, 01:08

Quote:

Originally Posted by Basser

Easy? Maybe if you take the crypto from some public source, but if you don't, it won't be that easy. Except for method 2, which since the new password cryptography was added is a very bad method.

Yes, I'm hopeless with php so method 1 is kind hard.

Method 2 is easy to do but not a good way of doing things.

#3 is easy but depends on how secure your db is... personally I have no issue with it but that's just me.

marlyandedsel · 12/03/2010, 16:56

Quote:

Originally Posted by JobvdH

Uhh yes maybe easy for him, but for some "Dummy Coders" its hard..

yes method 2 is bad things... I am looking at the auth.. or what you called it.. in the source understanding how the password setting up in the database.... hmm.. kinda hard but still im on it now trying to understand...