Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 01/05/2012 in all areas

  1. Looks good. It's not that big an effort what you gain. Seriously, You should md5 them. All you have to do is pass the string through the md5 function and you'll get it. To make it even more secure, You can concatenate a random string to the password too. All you have to do is md5 the login password and compare it against the stored hash in your database] Eg: //without salt $password = md5($_POST['password']); //with salt $password= md5( $_POST['password'] . 'my secret salt' ); You don't even have to escape it since the md5 can't contain any dangerous characters. A reason to use salt is because of the way md5s are 'decrypted' . They're not actually decrypted but are compared against a huge database of common strings and their hashes ( Admins, Could you confirm? ). So using a secret salt would change the hash would protect it from that approach too. Is that to me?If it is, Sure. I'm pretty bored at home and have no ongoing projects. I'm still a beginner though Question about the script: You're going to run this script when you're logged into CPanel, Right? @xaav: I've tried using booleans in mysql, It never worked properly for me Any tips?
    1 point
×
×
  • Create New...