Re: [PHP] Encryption/Decryption Question

On Thu, Aug 12, 2010 at 10:00 AM, tedd wrote: > At 8:09 PM -0400 8/11/10, Bastien Koert wrote: >> >> From my experience, I'd have to say that it would be a real tough go >> to crack that. If there was a weak point in the scheme is that your >> end result pattern ( the ssn ) is defined with a pair

RE: [PHP] Encryption/Decryption Question

From: tedd > At 8:09 PM -0400 8/11/10, Bastien Koert wrote: >>From my experience, I'd have to say that it would be a real tough go >>to crack that. If there was a weak point in the scheme is that your >>end result pattern ( the ssn ) is defined with a pair of constants, >>the hyphens. In our schem

Re: [PHP] Encryption/Decryption Question

At 3:48 AM -0400 8/12/10, Adam Richardson wrote: -- snip excellent points -- Of note, SS#'s are a special piece of data, not only because of their power, but because of their lifetime (normally as long as the individual lives.) This is very different from a credit card which gets updated every

Re: [PHP] Encryption/Decryption Question

At 8:09 PM -0400 8/11/10, Bastien Koert wrote: From my experience, I'd have to say that it would be a real tough go to crack that. If there was a weak point in the scheme is that your end result pattern ( the ssn ) is defined with a pair of constants, the hyphens. In our scheme we remove the dash

Re: [PHP] Encryption/Decryption Question

On 12 August 2010 09:48, Adam Richardson wrote: > On Wed, Aug 11, 2010 at 6:50 PM, tedd wrote: *snip* > >   1. MD5 - Use of this old algorithm to produce your keys limits your key >   space due to collisions AND the fact that 3DES accepts keys longer than the >   128 bit output MD5 produces.  A

Re: [PHP] Encryption/Decryption Question

On Wed, Aug 11, 2010 at 6:50 PM, tedd wrote: > Hi gang: > > Okay, a question to the Encryption/Decryption gurus out there. > > If you were given: > > 1. This encrypted string: > > p3IVhDBT26i+p4vd7J4fAw== > > 2. Were told it was a social security number (i.e., in the form of > 123-45-6789). > > 3

Re: [PHP] Encryption/Decryption Question

On 12 August 2010 02:07, Josh Kehn wrote: > On Aug 11, 2010, at 6:50 PM, tedd wrote: > >> Hi gang: >> >> Okay, a question to the Encryption/Decryption gurus out there. >> >> If you were given: >> >> 1. This encrypted string: >> >> p3IVhDBT26i+p4vd7J4fAw== >> >> 2. Were told it was a social securit

Re: [PHP] Encryption/Decryption Question

>From my experience, I'd have to say that it would be a real tough go to crack that. If there was a weak point in the scheme is that your end result pattern ( the ssn ) is defined with a pair of constants, the hyphens. In our scheme we remove the dashes and just provide a mask for display. We also

Re: [PHP] Encryption/Decryption Question

On Aug 11, 2010, at 6:50 PM, tedd wrote: > Hi gang: > > Okay, a question to the Encryption/Decryption gurus out there. > > If you were given: > > 1. This encrypted string: > > p3IVhDBT26i+p4vd7J4fAw== > > 2. Were told it was a social security number (i.e., in the form of > 123-45-6789). > >

Re: [PHP] Encryption/decryption of PHP data

Edward Diener wrote: >> why not just use https protocol. all data between client and server >> will be encrypted. > > The data must be encrypted/decrypted going both ways between the > client and the server. Does using https automatically do that ? If it > does that would be great. > Yes, that

Re: [PHP] Encryption/decryption of PHP data

paragasu wrote: if you want client to send encrypted form to server. then it must be done using some kind of client side script (javascript?). I am using C++. i don't think it is reliable. Why would it not be reliable if I were using a public-key/private-key encryption library which works

Re: [PHP] Encryption/decryption of PHP data

Per Jessen wrote: Edward Diener wrote: Phpster wrote: In reading the license I believe it refers to the gnupg itself, not the application it may be embedded in. You are completely free to use gnupg as you choose including modifying it to meet your needs. I always thought the GNU public licens

Re: [PHP] Encryption/decryption of PHP data

if you want client to send encrypted form to server. then it must be done using some kind of client side script (javascript?). i don't think it is reliable. why not just use https protocol. all data between client and server will be encrypted. On 1/1/09, Per Jessen wrote: > Edward Diener wrote:

Re: [PHP] Encryption/decryption of PHP data

Edward Diener wrote: > Phpster wrote: >> In reading the license I believe it refers to the gnupg itself, not >> the application it may be embedded in. You are completely free to use >> gnupg as you choose including modifying it to meet your needs. > > I always thought the GNU public license deman

Re: [PHP] Encryption/decryption of PHP data

Phpster wrote: In reading the license I believe it refers to the gnupg itself, not the application it may be embedded in. You are completely free to use gnupg as you choose including modifying it to meet your needs. I always thought the GNU public license demanded that any non-free modules, w

Re: [PHP] Encryption/decryption of PHP data

As I understand it: You can LINK your commercial binary with GPL binaries, and keep closed source. You cannot co-mingle the two C source codes together and keep it closed. I am fairly certain you can find commercial C++ offerings to generate PGP key pairs, instead of using the GnuPG OSS

Re: [PHP] Encryption/decryption of PHP data

In reading the license I believe it refers to the gnupg itself, not the application it may be embedded in. You are completely free to use gnupg as you choose including modifying it to meet your needs. Bastien Sent from my iPod On Dec 30, 2008, at 10:50 PM, Edward Diener wrote: My clien

Re: [PHP] Encryption failing

2008. 01. 17, csütörtök keltezéssel 12.14-kor Ken Kixmoeller -- reply to [EMAIL PROTECTED] ezt írta: > (forgot to copy the list) > > On Jan 16, 2008, at 5:08 PM, Richard Lynch wrote: > > > > Is it possible that 4% of the time, you have spaces on the start/end > > of the string, which get trimmed

Re: [PHP] Encryption failing

(forgot to copy the list) On Jan 16, 2008, at 5:08 PM, Richard Lynch wrote: Is it possible that 4% of the time, you have spaces on the start/end of the string, which get trimmed before encryption? In this case, no. In trying to simplify the situation to narrow the possibilities of error,

Re: [PHP] Encryption failing

Is it possible that 4% of the time, you have spaces on the start/end of the string, which get trimmed before encryption? And if rijndael is one of the algorithms which requires a fixed-size input, that also would be "bad" to trim it. If you need multiple of 16 bytes input, leave the input alone.

Re: [PHP] Encryption failing

On Tue, January 15, 2008 10:48 pm, Casey wrote: > On Jan 15, 2008 8:40 PM, Ken Kixmoeller -- reply to [EMAIL PROTECTED] > <[EMAIL PROTECTED]> wrote: >> >> On Jan 15, 2008, at 11:08 PM, Andrés Robinet wrote: >> >> >> > I second that, you should base64 encode values before encrypting >> > and base6

Re: [PHP] Encryption failing

Many thanks, Mike --- yours works great... 0 errors. On Jan 16, 2008, at 9:24 AM, mike wrote: function data_encrypt($data) { if(!$data) { return false; } return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $GLOBALS['config']['salt'], $data, 'cbc', md5($GLOBALS['config'][' s

Re: [PHP] Encryption failing

On 1/16/08, Ken Kixmoeller -- reply to [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > On Jan 16, 2008, at 1:28 AM, Andrés Robinet wrote: > > His other post explains that php didn't seem to like spaces. No > spaces in the test strings -- I'll check for those when/if I can get > the core en/decrypt

Re: [PHP] Encryption failing

On Jan 16, 2008, at 1:28 AM, Andrés Robinet wrote: 1 - Mike is right about first encrypting and then doing a base64_encode (then saving results to DB, cookies, etc). I don't know why replacing " " to "+" for decrypting, though. His other post explains that php didn't seem to like spaces

Re: [PHP] Encryption failing

On Jan 15, 2008, at 10:48 PM, Casey wrote: It returns the correct value. If you look at the last example, and run base64_decode on "MDAwMzEwMDI0NDA0MTMyOQ==", you will get "0003100244041329". Oops. "Haste makes crappy programming." Ken -- PHP General Mailing List (http://www.php.net/) To un

Re: [PHP] Encryption failing

On 1/15/08, Andrés Robinet <[EMAIL PROTECTED]> wrote: > 1 - Mike is right about first encrypting and then doing a base64_encode (then > saving results to DB, cookies, etc). I don't know why replacing " " to "+" > for decrypting, though. we have an application which sets an encrypted cookie in .

RE: [PHP] Encryption failing

> -Original Message- > From: mike [mailto:[EMAIL PROTECTED] > Sent: Wednesday, January 16, 2008 1:49 AM > To: Ken Kixmoeller -- reply to [EMAIL PROTECTED] > Cc: php-general@lists.php.net > Subject: Re: [PHP] Encryption failing > > > -

Re: [PHP] Encryption failing

> > if ($EorD == "D") { >$text_out = mdecrypt_generic($cypher,$text); >$text = base64_decode($text); shouldn't this be base64_decode($text_out) ? :) > } else { >$text= base64_encode($text); >$text_out = mcrypt_generic($cypher,$t

Re: [PHP] Encryption failing

On Jan 15, 2008 8:40 PM, Ken Kixmoeller -- reply to [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > On Jan 15, 2008, at 11:08 PM, Andrés Robinet wrote: > > > > I second that, you should base64 encode values before encrypting > > and base64 > > decode them after decrypting to be safe. > > > > Thank

Re: [PHP] Encryption failing

On Jan 15, 2008, at 11:08 PM, Andrés Robinet wrote: I second that, you should base64 encode values before encrypting and base64 decode them after decrypting to be safe. Thanks for the idea. Like this? Fails 500/500 times on my test. if ($EorD == "D") {

Re: [PHP] Encryption failing

On Jan 15, 2008, at 11:08 PM, Andrés Robinet wrote: I second that, you should base64 encode values before encrypting and base64 decode them after decrypting to be safe. Thanks for the idea. Like this? Fails 500/500 times on my test. if ($EorD == "D")

Re: [PHP] Encryption failing

On Jan 15, 2008, at 11:08 PM, Andrés Robinet wrote: -Original Message- From: Bastien Koert [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 16, 2008 12:55 AM To: Ken Kixmoeller -- reply to [EMAIL PROTECTED]; php- [EMAIL PROTECTED] Subject: RE: [PHP] Encryption failing are you

RE: [PHP] Encryption failing

> -Original Message- > From: Bastien Koert [mailto:[EMAIL PROTECTED] > Sent: Wednesday, January 16, 2008 12:55 AM > To: Ken Kixmoeller -- reply to [EMAIL PROTECTED]; php- > [EMAIL PROTECTED] > Subject: RE: [PHP] Encryption failing > > > are you base64 encodi

Re: [PHP] Encryption failing

d that > there are problems with certain characters that can result from the > encryption, usually a combination of characters that approximate a null or > end of line > > bastien> From: [EMAIL PROTECTED]> Date: Tue, 15 Jan 2008 21:41:45 -0600> To: > php-general@lists.

RE: [PHP] Encryption failing

21:41:45 -0600> To: php-general@lists.php.net> Subject: Re: [PHP] Encryption failing> > > On Jan 15, 2008, at 7:06 PM, Casey wrote:> > >> Maybe you could echo the results of the failed ones and compare.> > I did that at first, thinking that "something a

Re: [PHP] Encryption failing

On Jan 15, 2008, at 7:06 PM, Casey wrote: Maybe you could echo the results of the failed ones and compare. I did that at first, thinking that "something about these strings might cause the problem." But then I realized: I can't blame the data. I don't have any control over what users use

Re: [PHP] Encryption failing

On Jan 15, 2008, at 4:54 PM, "Ken Kixmoeller -- reply to [EMAIL PROTECTED] " <[EMAIL PROTECTED]> wrote: Hey --- - - I am in the process of upgrading the encryption technology I am using from (64 bit) blowfish to (256 bit) rijndael. The code (and some explanations) is below, but the results

Re: [PHP] Encryption Advice

On Sat, May 20, 2006 10:35 am, Lawrence Kennon wrote: > --- Rory Browne <[EMAIL PROTECTED]> wrote: > but does support Cardservice > International. These guys give you a PHP library that you http://php.net/include which then provides functions you can call which you pass in the CC# and they give yo

RE: [PHP] Encryption Advice

So let's say that I want to integrate a shopping cart with a PSP, right up to the moment they get to the checkout, they see my client's URL. They hit the "Checkout" button and then they will see the URL of the PSP? Then once they place the order then they are redirected back to my client's site a

Re: [PHP] Encryption Advice

--- Rory Browne <[EMAIL PROTECTED]> wrote: > It's better if, when it comes to time > to checkout, you redirect your client > to your Payment Service Providers (PSP's) > website, your PSP processes the payment, > and redirects the client back to your > site. The PSP would then contact you > di

Re: [PHP] Encryption Advice

DO NOT STORE CREDIT CARD NUMBERS!!! Period!!! If your PHP script can access them, then they are too accessible to the Bad Guys. Ditto Even if nothing else, someone could modify your code to email them the CC Numbers. It's better if, when it comes to time to checkout, you redirect your client

RE: [PHP] Encryption Advice

> Are there any employees who have access to this PC? What sort of > background checks have you run on every employee? > > Do you REALLY want to run the risk of having to DESTROY your > reputation with all your customers? > Not only all that, but suppose one of your customers has his CC info

Re: [PHP] Encryption Advice

On Fri, May 19, 2006 3:00 pm, Lawrence Kennon wrote: > But just out of curiousity, let's assume you are > running a shopping cart which takes credit cards and > passes them on to whomever approves them and you don't > _ever_ write this info to files. Aren't you also > vulnerable to someone being ab

RE: [PHP] Encryption Advice

On Fri, May 19, 2006 1:36 pm, Lawrence Kennon wrote: > In regards to GNU Privacy Guard (gpg), I did actually > manage to get that to work in the hosting environment > (without the help of the hosting support folks! :). I > use a directive to tell gpg to not warn me about > "using insecure memory" b

Re: [PHP] Encryption Advice

On Fri, May 19, 2006 8:54 am, Lawrence Kennon wrote: > For an ecommerce site where sensitive data is stored > either in files, or in a database, have you used some > form of encryption to protect your customer's data? > > I have a client who currently uses a Perl scripted > shopping cart that store

RE: [PHP] Encryption Advice

> --- Koen Martens <[EMAIL PROTECTED]> wrote: > > > But your unencrypted data is there, so someone could > > possibly snoop > > that from the insecure memory. > > This is true. > > I am going to ask the hosting company to setuid gpg as > root. That should solve one problem (from gpg docs): > >

Re: [PHP] Encryption Advice

--- Koen Martens <[EMAIL PROTECTED]> wrote: > But your unencrypted data is there, so someone could > possibly snoop > that from the insecure memory. This is true. I am going to ask the hosting company to setuid gpg as root. That should solve one problem (from gpg docs): "This is necessary to l

Re: [PHP] Encryption Advice

Lawrence Kennon wrote: > I use a directive to tell gpg to not warn me about > "using insecure memory" but since no private keys > reside on this host I think I can safely ignore that > (they can't steal what is not there). But your unencrypted data is there, so someone could possibly snoop that fr

RE: [PHP] Encryption Advice

Re: Encryption Advice First off, thanks to the folks who replied with advice. I am mulling over your advice (and I greatly appreciate it!). I have been doing PHP programming for a couple years, including secure sites, but this is my first ecommerce venture, so I am trying to learn as much as I can

RE: [PHP] Encryption Advice

> > For an ecommerce site where sensitive data is stored > either in files, or in a database, have you used some > form of encryption to protect your customer's data? > > I have a client who currently uses a Perl scripted > shopping cart that stores orders (including credit > card numbers) in pl

Re: [PHP] Encryption Advice

On 5/19/06, Lawrence Kennon <[EMAIL PROTECTED]> wrote: For an ecommerce site where sensitive data is stored either in files, or in a database, have you used some form of encryption to protect your customer's data? I have a client who currently uses a Perl scripted shopping cart that stores orde

RE: [PHP] encryption needed?

If you've set things up so that the id is available client-side, then there's no point in encrypting the id (by any encryption methods). If the id is stored in the client browser, then you'd better make sure it's linked to public data. > [Original Message] > From: klaus <[EMAIL PROTECTED]> > To:

RE: [PHP] encryption needed?

I wouldn't encrypt the ID, but I can't help wonder why you don't want people knowing the company's ID. They can get access to it if you're storing it client-side. This is like using a single script to view documents where you provide the ID of the document to display. http://localhost/view.php?I

RE: [PHP] Encryption Question SOLVED

[snip] I am encrypting some data on one server and now I am attempting to decrypt on another server using mcrypt_encrypt and mycrypt_decrypt (using same key and initialzation vector). It is almost working but I seem to still have a little problem, that data is missing the last character which st

Re: [PHP] Encryption question

I wouldn't use crypt, instead use one of the proven more secure hashes like md5 or sha1. For password hashing I'd use md5 (PHP 3 and 4) if you want broad support or sha1 for a little more security (sha1 hasn't been in PHP as long (only since 4.3.0) so you will lose some compatability, Ryan T

RE: [PHP] Encryption question

php-gen Subject: Re: [PHP] Encryption question md5 is a one-way hash function. It is great for passwords. (I'm not sure if that technically qualifies as encryption because it is nearly impossible to decrypt..hmm) Anyway, I would recommend using it. - Brad -- PHP General Mailing List

Re: [PHP] Encryption question

On Fri, 2003-10-10 at 20:31, Ryan Thompson wrote: > I know this is an opinion thing but what's the best functions or function set > for password encryption? > > Currently my project uses md5 but I thinks it's more for checksums isn't it? > Also, is mcrypt used for passwords? I looks like it's a t

Re: [PHP] Encryption question

Sorry. Just stumbled on crypt() On Friday 10 October 2003 22:31, Ryan Thompson wrote: > I know this is an opinion thing but what's the best functions or function > set for password encryption? > > Currently my project uses md5 but I thinks it's more for checksums isn't > it? Also, is mcrypt used

Re: [PHP] Encryption using MMCrypt - whats the point?

Using a PHP encoder or compiling a binary does not make it more secure than storing the IV and encryption key in plain text in a PHP script. The problem is the fact that the encryption cipher requires the same key for encryption and decryption, this is not a problem in many encryption cases but in

Re: [PHP] Encryption using MMCrypt - whats the point?

Title: Re: [PHP] Encryption using MMCrypt - whats the point? Granted, the $350 stand-alone encoder is a bit expensive. I'm talking about the online encoder though, you pass your PHP script through the online-control center and it output's the encrypted version, a typical PHP progra

Re: [PHP] Encryption using MMCrypt - whats the point?

Adam/Lowell: Thanks for the suggestions ­ but like all clients ­ they want maximum function for minimum $$ - encoders are therefore not a possibility (but I will keep that in mind for future apps :)) Thanks. On 1/30/03 9:55 AM, "Adam Voigt" <[EMAIL PROTECTED]> wrote: > http://www.ioncube.com/ >

Re: [PHP] Encryption using MMCrypt - whats the point?

http://www.ioncube.com/ Encrypt PHP scripts (there pretty cheap to). On Thu, 2003-01-30 at 09:30, Mike Morton wrote: I want to use the mcrypt functions to encrypt credit card numbers for storage in a mysql database, which mycrypt does admirably: $key =

Re: [PHP] Encryption using MMCrypt - whats the point?

Could you use the Zend Encoder to encrypt the PHP script? -- Lowell Allen > From: Mike Morton <[EMAIL PROTECTED]> > Date: Thu, 30 Jan 2003 09:30:36 -0500 > To: <[EMAIL PROTECTED]> > Subject: [PHP] Encryption using MMCrypt - whats the

Re: [PHP] Encryption using MMCrypt - whats the point?

Not a good idea, you might look at some form of public key encryption where you encrypt the credit card information with the public key and the merchant decrypts it with their private key that is not on the server. You generally do not want to store the information encrypted with mcrypt because in

RE: [PHP] Encryption Question

Just how are you going to decrypt it? Password encryption is ordinarily one-way - you have no choice. You have to compare encrypted passwords. -Original Message- From: Tom Ray [mailto:[EMAIL PROTECTED]] SI want to compare a password to a encrypted password stored in my mySQL database usin

RE: [PHP] Encryption Question

> I want to compare a password to a encrypted password stored in my mySQL > database using password('password'), what's the best way to compare the > two? > > Encrypted the password sent by the user and compare or pull the password > from the database based on username, decrypt it and then compar

Re: [PHP] Encryption of emails.

- From: "Justin French" <[EMAIL PROTECTED]> To: "Bob Irwin" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, September 05, 2002 4:00 PM Subject: Re: [PHP] Encryption of emails. > Perhaps not EXACTLY what you're after, but I wrote a small, sim

Re: [PHP] Encryption of emails.

Perhaps not EXACTLY what you're after, but I wrote a small, simple function to encrypt a string with a key (i'll skip a long note about keeping the key safe). Then I send an email with the data encrypted, and decrypt it at the other end (me) using a decrypt script located on my local server. It

[PHP] Re: PHP encryption

>My company is going to be >1. Hosting our code on other people servers >2. selling our programs. > >We are going to be needing to encrypt the codewhat would you all >suggest? >How about Zend Encoder...is it any good? (even though its so much $$) Disclosure: I'm a former employee and come wi

RE: [PHP] encryption and HTTP

The PHPLIB auth class has some code to do this. You might want to look there for ideas. If I recall correctly, they sent a hidden random string along with the form that was different on each request. They then did an md5 hash of the post data concatenated with the random string. Kirk > -Orig

Re: [PHP] encryption

27;testpass'); Good luck, Tyler Longren - Original Message - From: "Valter Santos" <[EMAIL PROTECTED]> To: "Brian Clark" <[EMAIL PROTECTED]>; "PHP is not a drug." <[EMAIL PROTECTED]> Sent: Thursday, December 06, 2001 9:34 AM Subject: Re: [PHP]

Re: [PHP] encryption

Brian Clark" <[EMAIL PROTECTED]> To: "PHP is not a drug." <[EMAIL PROTECTED]> Sent: Thursday, December 06, 2001 2:48 PM Subject: Re: [PHP] encryption > * Justin French <[EMAIL PROTECTED]> [Dec 06. 2001 07:33]: > > > Can someone give me a brief over view

Re: [PHP] encryption

* Justin French <[EMAIL PROTECTED]> [Dec 06. 2001 07:33]: > Can someone give me a brief over view of how to encrypt a password and > store it in a MySQL DB, then be able to validate thier plain text > password on login against the encrypted one on the DB? An alternative is to just store an Md5 o

Re: [PHP] encryption

UPDATE members set passwd=PASSWORD(passwd); "select login from members where PASSWORD($form_pass)=passwd;" Regards, Adnrey Hristov - Original Message - From: "Justin French" <[EMAIL PROTECTED]> To: "php" <[EMAIL PROTECTED]> Sent: Thursday, December 06, 2001 2:32 PM Subject: [PHP] encry

RE: [PHP] encryption

MySQL has a PASSWORD() function which encrypts passwords for you!!! Retrieving the user records using the username and encrypted password as selection criteria will either bring back the appropriate record (ie the log in worked) or no record (ie password/username supplied were incorrect) HTH

Re: [PHP] encryption

> > > Thoughts? > > Sheridan > > > > - Original Message - > > From: Francis Fillion <[EMAIL PROTECTED]> > > To: Tom Malone <[EMAIL PROTECTED]> > > Cc: PHP Users <[EMAIL PROTECTED]> > > Sent: Thursday, July 19, 2001 5:14 PM &

Re: [PHP] encryption

PROTECTED]> > Cc: PHP Users <[EMAIL PROTECTED]> > Sent: Thursday, July 19, 2001 5:14 PM > Subject: Re: [PHP] encryption > > > One of my friends has a rsa key somethings, what it does is that at > > every few minutes it generate a random number so for login on

Re: [PHP] encryption

: Francis Fillion <[EMAIL PROTECTED]> To: Tom Malone <[EMAIL PROTECTED]> Cc: PHP Users <[EMAIL PROTECTED]> Sent: Thursday, July 19, 2001 5:14 PM Subject: Re: [PHP] encryption > One of my friends has a rsa key somethings, what it does is that at > every few minutes it generat

Re: [PHP] encryption

t; From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Thursday, July 19, 2001 3:21 PM > To: Sheridan Saint-Michel > Cc: php-general > Subject: Re: [PHP] encryption > > Ahh, well then, another solution could be to use SSL, depends on your > application weather you can g

RE: [PHP] encryption

ssage- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 19, 2001 3:21 PM To: Sheridan Saint-Michel Cc: php-general Subject: Re: [PHP] encryption Ahh, well then, another solution could be to use SSL, depends on your application weather you can get away with using an unsig

Re: [PHP] encryption

n > > - Original Message - > From: Jeff Bearer <[EMAIL PROTECTED]> > To: Tom Malone <[EMAIL PROTECTED]> > Cc: PHP Users <[EMAIL PROTECTED]> > Sent: Thursday, July 19, 2001 12:17 PM > Subject: Re: [PHP] encryption > > > > I'd use the pass

Re: [PHP] encryption

. That way the only thing that ever gets transmitted is an md5 hash =P Sheridan - Original Message - From: Jeff Bearer <[EMAIL PROTECTED]> To: Tom Malone <[EMAIL PROTECTED]> Cc: PHP Users <[EMAIL PROTECTED]> Sent: Thursday, July 19, 2001 12:17 PM Subject: Re: [PHP] encr

Re: [PHP] encryption

I'd use the password function in mysql to store encrypted passwords, I'd be interested to hear if anyone has a reason that doing this is not a good idea. On Thu, Jul 19, 2001 at 12:52:55PM -0400, Tom Malone wrote: > Hello! > > I have a small problem. On my website there is some information

Re: [PHP] encryption methods?

Butler, Shaun pressed the little lettered thingies in this order... > check out the crypt() function > > http://www.php.net/manual/en/function.crypt.php > > if you don't care about decrypting the password this works fine. > > --Shaun > Umm... You've misunderstood something. The reason why y

Re: [PHP] encryption methods?

check out the crypt() function http://www.php.net/manual/en/function.crypt.php if you don't care about decrypting the password this works fine. --Shaun On Friday 13 July 2001 15:26, Johnson, Kirk wrote: > One approach to password security is to put the passwords in a file outside > Document Ro

RE: [PHP] encryption methods?

One approach to password security is to put the passwords in a file outside Document Root, then include that file in your scripts when you need a password. Kirk > -Original Message- > From: Adrian Teasdale [mailto:[EMAIL PROTECTED]] > Sent: Friday, July 13, 2001 1:10 PM > To: [EMAIL PROT

Re: [PHP] Encryption (Browser Side)

Don't know much about LDAP so I can't answer those questions, but the only way (short of creating/requiring a plug-in just to encrypt the data, which isn't a good idea) to have the user send an encrypted password is to use SSL on the login/creation page. That means you can't ever send their passwo

RE: [PHP] Encryption Problem

quite possibly you did not compile PHP with mcrypt library support. for linux distrib's, mcrypt is not default, you have to specify ./configure --with-mcrypt to get mcrypt functionality (i dont know whether it's included by default with the win binary, but i doubt it) do the phpinfo() thing and

Re: [PHP] Encryption

>I am trying to do a simple encryption on a credit card number to store in a mysql text field. >I also have to de-crypt the number after exporting to an access db. >I tried to use xor encryption, but it seems to only work half the time, the other half, I >can't seem to de-crypt the # properly, som