| |
|
| Viewing Topic: Member system -
display md5
password |
 Guest |
|
Subject: "Member system -
display md5
passwor..."
Posted: @ 11:10 am on Dec 30 2005 |
|
|
|
Unregistered
|
Hi all
I used the
member system
tutorial as the
basis for my
system. I have
managed to
extend it to
include a admin
section - some
members have
admin level
membership and
can change
usernames,
passwords,
users level
etc.
The problem I'm
having trouble
resolving is
how to convert
the md5
password for
display in the
update section
and change
password
section. The
form is
displaying the
encrypted
password not
the entered
password.
This is my form
line
Code:
<td><
input
name="pass
word"
type="text
"
value="<
;? echo $pword;
?>">
</td>
Here is the
code that sets
the variable
$pword
Code:
$pword=mysql_r
esult($results2
,$i,"ak_pw
ord"  ;
where ak_pword
is the field
that holds the
password. I've
tried a number
of ways but
cant seem to
get it right. I
am guessing i
need to add the
md5 function
into the
ak_pword output
somehow. I
tried
Code:
$pword=mysql_r
esult($results2
,$i,md5("a
k_pword");
but
that didnt
work.
Can anyone
point me in the
right
direction?
Many thanks
Sue
|
Viewed: 11,419 Times |  |  |
 suehami |
| Subject: "re: Member
system -
display md5
pas..."
Posted: @ 1:05 pm on Dec 30 2005
|
|
|
Member #: 127
Rank: user - (4)
Since: 12/30/05
Posts: 4
|
Hi (I'm
answering
myself here as
I registered
after I posted
the original
question)
I finally found
the correct way
to google the
question and it
seems that
basically you
cant unencrypt
a md5 encrypted
password.
Therefore it
seems to me
that if you md5
a password you
eliminate the
ability to send
people their
password if
they have
forgotten it,
change a
password etc.
Although a
thought struck
me, you could
create a dummy
password field
that holds an
unencrypted
version and use
that but then
what would be
the point of
encrypting it
in the first
place.
Just some
thoughts for
discussion
Sue
|
|
Viewed: 11,413 Times | | |
| bs0d |
| Subject: "re: Member
system -
display md5
pas..."
Posted: @ 1:41 pm on Dec 30 2005
|
|
|
Member #: 1
Rank: Admin. - (1,510)
Since: 02/06/05
Posts: 604
From: USA
|
I would just
set it up if
they want to
change their
password, they
can enter it
themselves.
Then, your
script will
encrypt it, and
compare it to
the encrypted
version in the
database. If
they lose their
password and
respond to the
email with a
verification
code, you
bypass the old
password and
make a new
one.
|
|
Viewed: 11,407 Times | | |
| suehami |
| Subject: "re: Member
system -
display md5
pas..."
Posted: @ 10:39 pm on Dec 30 2005
|
|
|
Member #: 127
Rank: user - (4)
Since: 12/30/05
Posts: 4
|
Hi bsOd
thanks for the
reply. I wanted
to display the
original
password within
a catch all
edit user page
- i.e. change
username,
access level,
password. which
is why i needed
to have the
unencrypted
password
available, in
case the
password was
not to be
changed.
clearly that
wont be
possible so I
guess i will
have to
seperate the
change password
function from
the change
level/username
or not store
the password
encrypted 
Thanks againfor
the advice
Sue
|
|
Viewed: 11,399 Times | | |
| Viewing Page: 1 of 1 |
|
|
|
