Dilema:- MySQL Password function() and Recover lost password

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
pistolfire99
Forum Commoner
Posts: 58
Joined: Thu May 23, 2002 3:18 pm

Dilema:- MySQL Password function() and Recover lost password

Post by pistolfire99 »

Hello folks,
I have a dilema. I am creating a site for my community with User Authentication. Now the passwords get saved into the database using mysql's password function. here is an example of my code

Code: Select all

INSERT INTO TABLE_USER (username, password) VALUES (%s, password(%s))
This enters the encrypted password in the database, but then I have another page(script) where members can recover their lost password and sent to them via email, but the script sends them the encrypted password. Its kinda useless that way to use mysql's built in password() function.
Can anyone give me a hint or a workaround, besides using MD5 and so on.
User avatar
delorian
Forum Contributor
Posts: 223
Joined: Sun May 04, 2003 5:20 pm
Location: Olsztyn, Poland

Post by delorian »

If someone lost his/her password just generate a new one. It's a much safer way. You can't decrypt password() because the string is not encrypted but hashed (I don't know is that a correct form of that verb :D). And of course MD5 or SHA1 is a lot better than password().

But if you want do it your way try to read about mysql ENCRYPT() and DECRYPT() functions.
SBukoski
Forum Contributor
Posts: 128
Joined: Wed May 21, 2003 10:39 pm
Location: Worcester, MA

Post by SBukoski »

It's definitely much easier, like delorian stated, to simply change the password to something else. Send the person an e-mail stating what the new password is and they can change it back to something they WILL remember when they re-visit your site.
pistolfire99
Forum Commoner
Posts: 58
Joined: Thu May 23, 2002 3:18 pm

Post by pistolfire99 »

Thank you guys for your reply. I guesss I will change my script to accomodate the new idea.
Thank You.
Post Reply