"John Nichel" <[EMAIL PROTECTED]> wrote in message<snip>
Not that this would make your site more secure (well, I guess it would be more secure than plain text), but just use it in your query....
INSERT INTO someDB.someTable ( username, password ) VALUES ( '{$username}', PASSWORD('{$password}');
-- By-Tor.com It's all about the Rush http://www.by-tor.com
Thank you for your replies,
can i just confirm that the user uses the encrypted version of the password or the originally inserted version to login?
Thanks for your help
Yes, you can. But by the time it has reached the MySQL server, it has passed from the client to your server via plain text, and to my understanding (I may be wrong here), MySQL's built in password function isn't all that secure. For better security, I would suggest a combination of https and md5, or write a custom encryption function.
-- By-Tor.com It's all about the Rush http://www.by-tor.com
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
