Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

reverse PASSWORD()

Status
Not open for further replies.
michelleqw

michelleqw

Programmer
Jan 4, 2004
120
DE
Dear users,

In my table I place a password encrypted with the function PASSWORD(). What is the function to get the original password?

Michelle.
 
Sort by date Sort by votes
PHP doesn't have a function named password(). So this question is specific to the unspecified database you are using.

Typically, though, password-encryption functions do not encrypt values, they hash them. Hashes, by design, are one-way.


Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
I normally hash with MD5, its basic but does the job.

Code: 
<?

$pass = "abcd";

$md5pass = md5($pass);

echo "before MD5:  $pass<BR><BR>";
echo "After MD5:   $md5pass<BR><BR>";

?>

If you have a login system (or a members area) hash the chosen password on signup and send the hashed value to the database. Then when a user logs in and enters there password, hash it again and send it to the database to check.

You've now got MD5 passwords. For use with Mysql the databases password field should be varchar for type and 32 characters long.

HTH

Triangular sandwiches taste better than square ones.

Rob
 
Upvote 0 Downvote
It works really well. Not too complex and is a little better than sending the password in cleartext on a http (unsecured) connection.

Triangular sandwiches taste better than square ones.

Rob
 
Upvote 0 Downvote
only problem: you cant resend their password to them via email...

wont be able 2 read it...

solution:

update the database to a random pword e.g. afkf92s, email them that, and they change it :)

good luck


Regards,

Martin

Gaming Help And Info:
 
Upvote 0 Downvote
Thats what i do to (enter username here and email address), it sets a flag in a database then gets picked up by an every 5 minute job in cron and they get there mail with new password.

Triangular sandwiches taste better than square ones.

Rob
 
Upvote 0 Downvote
I think I would flag in the table, "reset passwd" with a timestamp.

Then I would email the user an "reset passwd" link, with a:

where 123 would be the user_id.

Then the script would check if datediff() on the "reset passwd) vs. NOW() was > 5. If not, set passwd to RanString() (random), else: tell user to request password reset again.

almost the same as samples above, but I think it should not reset passwd, untill the user has clicked the link in his browser.

You could also add some fields: passwd hint, etc. for further verification, but I doubt it's really needed.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

svar
  • Locked
  • Question
Password verification
Replies
5
Views
102
jpadie
jpadie
Skippie1
  • Locked
  • Question
Add random password into my SQL database
Replies
5
Views
129
Skippie1
Skippie1
MikeM2468
  • Locked
  • Question
LDAP Change Password Script
Replies
1
Views
108
MikeM2468
MikeM2468
infinitizon
  • Locked
  • Question
Generate random password
Replies
3
Views
129
infinitizon
infinitizon
bigdan
  • Locked
  • Question
PHP log in password protected page
Replies
1
Views
54
jpadie
jpadie

Part and Inventory Search

Sponsor

Back
Top