Hello,
Is it possible to give to mysql_connect an encrypted (md5 or sha1)
password?
If not is there a workaround?
I store passwords for users in database and don't want to use plain
text passwords.
Then I use that information to connect to the database. So every user
have his own database.
They are usually not in the same host even. So it would be nice to be
able to give to mysql_connect
and encrypted password instead of the plain one.
Thanks, any help appreciated.
Shmuel
5  6063 
..oO(Shmuel)
>Is it possible to give to mysql_connect an encrypted (md5 or sha1)
password?
If not is there a workaround?
I store passwords for users in database and don't want to use plain
text passwords.
The passwords in the MySQL user database are already encrypted. Have a
look at the PASSWORD() function.
Micha
Thanks for your answer.
What I mean, though, is that I need to connect to the database
with an password that is encrypted, like this:
mysql_connect('host', 'user',
'5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8');
I store that password in database, and want to have it encrypted.
I am not talking about passwords that are in the mysql table,
but instead a table of my own that has the user information.
So if somebody gets into my db server, he wont see the passwords as
they are,
but instead encrypted.
On Oct 8, 5:49 pm, Michael Fesser <neti...@gmx.dewrote:
.oO(Shmuel)
Is it possible to give to mysql_connect an encrypted (md5 or sha1)
password?
If not is there a workaround?
I store passwords for users in database and don't want to use plain
text passwords.
The passwords in the MySQL user database are already encrypted. Have a
look at the PASSWORD() function.
Micha
The mysql_connect() call gets the password your website uses on the
database. That should NOT be the same as your user's passwords.
Rather, it should be something you keep secret from anyone else.
Yes, but I connect to the user's database (over the net) dynamically,
getting the values from my database. I'm working on a CMS that
is used to modify data in databases that are not on the same server,
they are wherever the user have them. And also I don't have access
to the mysql database on my hosting provider, so I couldn't store
there the user details there.
Shmuel wrote:
>The mysql_connect() call gets the password your website uses on the
database. That should NOT be the same as your user's passwords.
Rather, it should be something you keep secret from anyone else.
Yes, but I connect to the user's database (over the net) dynamically,
getting the values from my database. I'm working on a CMS that
is used to modify data in databases that are not on the same server,
they are wherever the user have them. And also I don't have access
to the mysql database on my hosting provider, so I couldn't store
there the user details there.
First of all, most hosts disallow connections from over the internet,
for security reasons. I know all of my sites are like that. You can
connect from the server Apache is running on, but that's all. So right
there you're going to have a problem.
And you wouldn't store them in the mysql tables, anyway. That would be
the userid and passwords for your MySQL. You store them in your own tables.
And finally, you need to be asking these questions in
comp.databases.mysql. None of this has anything to do with PHP.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attglobal.net
==================
On 8 Oct, 19:49, Shmuel <shmue...@gmail.comwrote:
Thanks for your answer.
What I mean, though, is that I need to connect to the database
with an password that is encrypted, like this:
mysql_connect('host', 'user',
'5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8');
I store that password in database, and want to have it encrypted.
I am not talking about passwords that are in the mysql table,
but instead a table of my own that has the user information.
So if somebody gets into my db server, he wont see the passwords as
they are,
but instead encrypted.
On Oct 8, 5:49 pm, Michael Fesser <neti...@gmx.dewrote:
.oO(Shmuel)
>Is it possible to give to mysql_connect an encrypted (md5 or sha1)
>password?
>If not is there a workaround?
>I store passwords for users in database and don't want to use plain
>text passwords.
The passwords in the MySQL user database are already encrypted. Have a
look at the PASSWORD() function.
Micha
You're not making it any more secure by doing that - you've just
changed one password for another.
If you don't want to store the unencrypted password on the filesystem
then you need to encrypt (reversibly) it with something not available
elsewhere - e.g. a users password supplied in a request. (putting the
key in the Apache startup env won't help either). But you're making
your system very complex by doing this.
Find a different way to solve the problem. If it is a problem.
C. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: sffan |
last post by:
I am new to database programming and was curious how others solve the
problem of storing encrypted in data in db table columns and then
subsequently searching for these records.
The particular...
|
by: Ian Davies |
last post by:
Hello
I would like to query the user table of the mysql database from my VB
application to check that a user's password entered in a text field on a
form corresponds to that users password in the...
|
by: Jill Elaine |
last post by:
I am building an Access 2002 frontend with linked tables to an
encrypted Paradox 7 database. When I first create these linked tables,
I'm asked for the password to the encrypted Paradox database,...
|
by: Michael |
last post by:
Hi,
I'm trying to do something which should be very simple - connect to the
MySQL database. Here is the call, followed by the error msg.
$conn = mysql_connect("localhost", "root", "");
...
|
by: Michael Sperlle |
last post by:
Is it possible? Bestcrypt can supposedly be set up on linux, but it seems
to need changes to the kernel before it can be installed, and I have no
intention of going through whatever hell that would...
|
by: GD |
last post by:
Hi All,
I've got MySQL 5.0.21 running on Windows Server 2003, and php running
on Apache on a Linux box (Fedora Core 4).
Previously when the pages were running on an IIS server the connection...
|
by: Bernard Dhooghe |
last post by:
The information center writes:
"Encryption Algorithm: The internal encryption algorithm used is RC2
block cipher with padding, the 128-bit secret key is derived from the
password using a MD2...
|
by: danishce |
last post by:
I want to generate 8 byte key using CBC MAC by applying encryption to whole message in vb.net.My code is:
//Main form Code
Imports System.Security.Cryptography
Dim plainText As String
...
|
by: n8kindt |
last post by:
i'm trying to create a secure scenario where no one will be able to know our encrypted database passcode. BUT if they login to a form in another database successfully, it will open the encrypted...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
| |
