List:General Discussion« Previous MessageNext Message »
From:Michael T. Babcock Date:November 1 2002 2:50am
Subject:Re: password function
View as plain text  
On Thu, 2002-10-31 at 21:27, Elaine Kwek wrote:
> i hope someone can help me in my problem. I have use the password function
> in mysql to encrypt a string. Then when i try to get the encrypted password
> using php and compare with the password that user enter. although the user
> provide the correct password, but then the comparetion still fail. So, wat
> should i do to decrypt the password from mysql?
> 

The password function in MySQL is a one-way hash function.  If you
aren't familiar with those, look them up some time for some fun
reading.  For now, all you need to know is that the same data run
through the same one-way hash function will always result in the same
answer, but it can't be "decrypted".   So to compare, you do something
like:

.. create the password in the first place ...
INSERT INTO Passwords (User, Password) VALUES ("Michael",
PASSWORD("DumbPassword"));
.. then compare:
SELECT PASSWORD($UserPassword) as Check, Password FROM Passwords WHERE
User = "Michael";
.. where $UserPassword is the password the user used.  This will return
something like:
8asdf098df, 8asdf098df
In this case, you can just compare that Check and Password are equal and
the user entered the right password.
-- 
Michael T. Babcock
CTO, FibreSpeed Ltd.
Thread
password functionElaine Kwek1 Nov
  • Re: password functionDennis Salguero1 Nov
  • Re: password functionMichael T. Babcock1 Nov