Page 1 of 1

cant figure out if passwords are encrypted.

Posted: Thu Mar 22, 2007 1:21 am
by psychotomus
I"m trying to retreive the passwords from database (forgot pasword feature)
This is how password is inserted into database

$password = $_POST['password'];

$result=MYSQL_QUERY("INSERT INTO owners (id,confirmed,confirmcode,name,email,password,phone)"."VALUES ('NULL', '0', '$confirmcode', '$name', '$email', '$password', '$telephone')");


field password is TEXT

heres how i'm trying to retreive the password

$result = mysql_query("SELECT password FROM writers WHERE email='$email'");
$pass = mysql_fetch_object($result);


$pass->password returns a string like "e6b5a70d236a5869e77d7572ac6d98e3"

Posted: Thu Mar 22, 2007 1:49 am
by dude81
psychotomus wrote: $pass->password returns a string like "e6b5a70d236a5869e77d7572ac6d98e3
I believe that is md5 encryption of the password text.
use md5($password) and compare the $pass->password

Posted: Thu Mar 22, 2007 1:58 am
by psychotomus
anyway to decrypt it?

Posted: Thu Mar 22, 2007 2:04 am
by feyd
Generally, no.

Posted: Thu Mar 22, 2007 2:06 am
by dude81
No way through php as far as I know but on search I got a url which gives the information on
md5 ecnryption and decryption which on giving the word does encryption and decryption

Posted: Thu Mar 22, 2007 2:09 am
by psychotomus
i'll just reset the password and send new password =0