Decode mysql with php - GoFuckYourself.com

hyper · 03-04-2003, 08:59 PM

i can encode this into a blob on my table

but how the fuck do i decode it?

$string = "insert into user (username, passwd, email, verify,prefs)values ('$username', ENCODE('$password', 'ba'), '$email','$code','$prefs')";
$result = mysql_query($string);

psyko514 · 03-04-2003, 09:01 PM

why would you put that into a blob?

hyper · 03-04-2003, 09:08 PM

the MySQL encode() function returns a binary string, which needs to be stored in a BLOB column type

psyko514 · 03-04-2003, 09:20 PM

why use encode()? why not md5() or mcrypt()?

anyways, you have to use the decode() function, but it needs the result of encode()

DECODE (encrypted_password, pass_string)

hyper · 03-04-2003, 09:23 PM

because i wanted to echo their current password and give them the option to change it, but i guess i will just give them the option to change it without displaying their current password

Nysus · 03-04-2003, 09:36 PM

Use md5

Cheers,
Matt

hyper · 03-04-2003, 09:38 PM

Quote:

Originally posted by Nysus
Use md5

Cheers,
Matt

md5 cant be decoded ..
just like the password() function

goes in but cant come out

psyko514 · 03-04-2003, 09:41 PM

I don't see why you'd show them their password and then offer to change it, unless the password is randomly generated?

hyper · 03-04-2003, 09:50 PM

well here is the deal

im writing the script so when they signup they choose their own password, but if they lose their password it generates one randomly.
So Then I wanted to Display the generated password and let them change it to something else ..
but i will just let them change it , by typing in a new password , then updating the table .. just like it did when they signed up

SilverTab · 03-04-2003, 09:56 PM

Yeah md5 is one-way encoding...why not use crypt() ?

Lane · 03-04-2003, 10:18 PM

why use encoding if its gonna be decodable? it doesnt really provide security then.

Lane · 03-04-2003, 10:21 PM

Quote:

Originally posted by hyper
well here is the deal

im writing the script so when they signup they choose their own password, but if they lose their password it generates one randomly.
So Then I wanted to Display the generated password and let them change it to something else ..
but i will just let them change it , by typing in a new password , then updating the table .. just like it did when they signed up

generate the new pass.. encrypt in with a one-way algorithm, put it in the database, and also email it to them (or display it on the page or whatever) .. there you have it, you have given them the new pass and its also one-way encrypted in the database.. they now need to enter the new pass to be able to change it to something else..

thats the common way of doing it

...or during the reset process, you can have them choose what pass to reset it to..

hyper · 03-04-2003, 11:04 PM

Quote:

Originally posted by Lane

generate the new pass.. encrypt in with a one-way algorithm, put it in the database, and also email it to them (or display it on the page or whatever) .. there you have it, you have given them the new pass and its also one-way encrypted in the database.. they now need to enter the new pass to be able to change it to something else..

thats the common way of doing it

...or during the reset process, you can have them choose what pass to reset it to..

thanx lane i will do that.. just allow them to change it o a familiar password once they log in

03-04-2003, 08:59 PM	#1
hyper Confirmed User Join Date: Mar 2002 Location: Mass Ass Posts: 5,294	Decode mysql with php i can encode this into a blob on my table but how the fuck do i decode it? $string = "insert into user (username, passwd, email, verify,prefs)values ('$username', ENCODE('$password', 'ba'), '$email','$code','$prefs')"; $result = mysql_query($string); __________________

03-04-2003, 09:01 PM	#2
psyko514 See sig. Join Epic Cash. Join Date: Oct 2002 Location: Montreal, Quebec. ICQ: 214702014 Posts: 22,366	why would you put that into a blob? __________________ Bad Girl Bucks - 50% Revshare through CCBill. Promote BrandyDDD, Pixie's Pillows, Action Allie and more! Phoenix Forum Pics \| Webmaster Access Montreal pics email: psyko514(a)gmail.com \| icq: 214-702-014

03-04-2003, 09:08 PM	#3
hyper Confirmed User Join Date: Mar 2002 Location: Mass Ass Posts: 5,294	the MySQL encode() function returns a binary string, which needs to be stored in a BLOB column type __________________

03-04-2003, 09:20 PM	#4
psyko514 See sig. Join Epic Cash. Join Date: Oct 2002 Location: Montreal, Quebec. ICQ: 214702014 Posts: 22,366	why use encode()? why not md5() or mcrypt()? anyways, you have to use the decode() function, but it needs the result of encode() DECODE (encrypted_password, pass_string) __________________ Bad Girl Bucks - 50% Revshare through CCBill. Promote BrandyDDD, Pixie's Pillows, Action Allie and more! Phoenix Forum Pics \| Webmaster Access Montreal pics email: psyko514(a)gmail.com \| icq: 214-702-014

03-04-2003, 09:23 PM	#5
hyper Confirmed User Join Date: Mar 2002 Location: Mass Ass Posts: 5,294	because i wanted to echo their current password and give them the option to change it, but i guess i will just give them the option to change it without displaying their current password __________________

03-04-2003, 09:36 PM	#6
Nysus Confirmed User Industry Role: Join Date: Aug 2001 Posts: 7,817	Use md5 Cheers, Matt

03-04-2003, 09:41 PM	#8
psyko514 See sig. Join Epic Cash. Join Date: Oct 2002 Location: Montreal, Quebec. ICQ: 214702014 Posts: 22,366	I don't see why you'd show them their password and then offer to change it, unless the password is randomly generated? __________________ Bad Girl Bucks - 50% Revshare through CCBill. Promote BrandyDDD, Pixie's Pillows, Action Allie and more! Phoenix Forum Pics \| Webmaster Access Montreal pics email: psyko514(a)gmail.com \| icq: 214-702-014

03-04-2003, 09:50 PM	#9
hyper Confirmed User Join Date: Mar 2002 Location: Mass Ass Posts: 5,294	well here is the deal im writing the script so when they signup they choose their own password, but if they lose their password it generates one randomly. So Then I wanted to Display the generated password and let them change it to something else .. but i will just let them change it , by typing in a new password , then updating the table .. just like it did when they signed up __________________

03-04-2003, 09:56 PM	#10
SilverTab Confirmed User Join Date: Nov 2001 Location: MTL Posts: 5,060	Yeah md5 is one-way encoding...why not use crypt() ? __________________ mmm my sig was too big... no more cool animation but hey still! need php? ICQ: 94586959

03-04-2003, 10:18 PM	#11
Lane Will code for food... Join Date: Apr 2001 Location: Buckeye, AZ Posts: 8,496	why use encoding if its gonna be decodable? it doesnt really provide security then. __________________