List:General Discussion« Previous MessageNext Message »
From:Jim Lyons Date:June 3 2010 7:07pm
Subject:Re: Geting current user pasword.
View as plain text  
You mean  the mysql password of the user?  No, you can't get that,
even the server can't get it, at least not the clear-text version.
When you create/change your password an encrypted version is stored in
the mysql.user table along with the hostname.  If you have "SELECT"
permission on that table, you can get the encrypted version.  You
could use that for some sort of separate authentication by encrypting
a user-supplied password and comparing the 2 encrypted strings but you
can't get the actual password.

In other words, if the password is 'cat' you only see
'*FD98809C60DD51B6B380DB17B72F9A9E2FE1928F in mysql.user.  You could
have code that checked a user-supplied password, like:

if password(@pwd) = '*FD98809C60DD51B6B380DB17B72F9A9E2FE1928F'

but that's it.

Jim

On Thu, Jun 3, 2010 at 12:12 PM, Guillermo <srguillermoh@stripped> wrote:
>
> Hello,
>   I need to get the user and password from the current session. I found the
> user() function, wich gets the username, is there anything like that to get
> the password ?
>
> Thx
>
> Guillermo
>
>
> __________ Información de ESET NOD32 Antivirus, versión de la base de
> firmas
> de virus 5170 (20100603) __________
>
> ESET NOD32 Antivirus ha comprobado este mensaje.
>
> http://www.eset.com
>
>
>
> --
> MySQL General Mailing List
> For list archives: http://lists.mysql.com/mysql
> To unsubscribe:    http://lists.mysql.com/mysql?unsub=1
>
>



-- 
Jim Lyons
Web developer / Database administrator
http://www.weblyons.com
Thread
Geting current user pasword.Unknown Sender3 Jun
  • Re: Geting current user pasword.Dan Nelson3 Jun
  • Re: Geting current user pasword.Michael Dykman3 Jun
    • Re: Geting current user pasword.Johan De Meersman4 Jun
  • Re: Geting current user pasword.Jim Lyons3 Jun