Troy Moreland wrote:
> If I can't decrypt it, then I can't pass that password for the
> user. How do I keep passing the password then w/o having to write it to the
> session. Is that the right way to do it??
I don't know if this is the right way but what I would do is have a
login page that
At 12:05 PM 5/17/01 -0500, Troy Moreland wrote:
>I fully understand what you are saying. The problem is that I'm storing
>their password so that they don't have to re-enter it on each new page
>visited. If I can't decrypt it, then I can't pass that password for the
>user. How do I keep passing
I fully understand what you are saying. The problem is that I'm storing
their password so that they don't have to re-enter it on each new page
visited. If I can't decrypt it, then I can't pass that password for the
user. How do I keep passing the password then w/o having to write it to the
sess
What I do is md5() encrypt the password and store it in the text file or
database. Md5 is a one way algorithm, though, so you can never decrpyt the
password. What you do, is when you want to authenticate a user, you md5
encrypt the text they typed in and compare that to the md5 hash in your file
look in the manual for "md5"
~kurth
On Thu, 17 May 2001, Troy Moreland wrote:
> All,
>
> I am currently using sessions to store a user's ID, password and current
> login status. All works fine. The only issue is that the session file on
> the server is storing the password in plain text. Ho
5 matches
Mail list logo
