You're going to want to have encyption. A one way encryption such as MD5 (*I think...*) would be the best option for this, ensuring for example a password cannot be intercepted and stolen.
*realises fundamental flaws and goes off pondering*
You're going to want to have encyption. A one way encryption such as MD5 (*I think...*) would be the best option for this, ensuring for example a password cannot be intercepted and stolen.
*realises fundamental flaws and goes off pondering*
You're going to want to have encyption. A one way encryption such as MD5 (*I think...*) would be the best option for this, ensuring for example a password cannot be intercepted and stolen.
*realises fundamental flaws and goes off pondering*
Yep, use md5. In PHP:
$pass = md5(trim($pass));
Before the password is set to the database, use md5. That way, even if the database goes into the wrong hands (dumb DBAs), the password is still encrypted.
Yep, use md5. In PHP:
$pass = md5(trim($pass));
Before the password is set to the database, use md5. That way, even if the database goes into the wrong hands (dumb DBAs), the password is still encrypted.
I'll look into that, thanks guys.
I'll look into that, thanks guys.
I think the danger here is actually not how to encrypt the result, to safely add it to the database you're already connected to. Before you can send anything, you must log in to an SQL server, with an username and password, and that's the really dangerous part here, which is why I suggest php <img src="/center/images/graemlins/smile.gif" alt="" />
Besides, I can't see why php would make it any harder at all - you can send data that the php script can input with $_POST['blah'] or $_GET['blah'], and since php does not HAVE to output html, it can output plain text, you can use that to send data back to the application. I don't believe it should be much harder than connectiong to an sql server.
I think the danger here is actually not how to encrypt the result, to safely add it to the database you're already connected to. Before you can send anything, you must log in to an SQL server, with an username and password, and that's the really dangerous part here, which is why I suggest php <img src="/center/images/graemlins/smile.gif" alt="" />
Besides, I can't see why php would make it any harder at all - you can send data that the php script can input with $_POST['blah'] or $_GET['blah'], and since php does not HAVE to output html, it can output plain text, you can use that to send data back to the application. I don't believe it should be much harder than connectiong to an sql server.
I don't think ease is really the problem, merely convenience. Having to talk to a PHP page, which in turn talks to a database isn't the most efficient route in terms of both coding and at runtime (I would imagine).
I don't think ease is really the problem, merely convenience. Having to talk to a PHP page, which in turn talks to a database isn't the most efficient route in terms of both coding and at runtime (I would imagine).
Posting Permissions
Reply With Quote