Jump to content


Check out our Community Blogs

rySch

Member Since 13 May 2011
Offline Last Active May 13 2011 02:43 PM
-----

Posts I've Made

In Topic: Small problem + Array

13 May 2011 - 02:42 PM

sorry my mistake the query should read
SELECT * FROM MyDB.Table


the idea is to get all the good values, put them into an array for later use, then if the a value submitted by a use isnt in that array return th ere

In Topic: Encryption of password in database

13 May 2011 - 02:40 PM

syntax isnt correct because that only part of a bigger script.

The md5 is week yes, but the reason for using it, is because its less intensive server side.
the md5 is more about mixing the hashed code up.

The bit that makes it secure is the sha1, salt and then changed a few of the characters for pre defined or dynamicly generated ones.

In Topic: help: it always say cannot be null

13 May 2011 - 12:44 PM

I thought the ternary operator was formatted like this:

$value = (<condition>?<true>:<false>);

In Topic: Session Variable

13 May 2011 - 12:20 PM

edit, I must learn to read more! :P

edit 2:
this would work just as well

mysql_select_db($database_brn_system, $brn_system); //select the database

$query = "SELECT `firstname` FROM `pilots` WHERE `pilot_callsign` = '{$_SESSION['MM_Username']}' LIMIT "1; //compile the query

$result = mysql_query($query_rsPilot, $brn_system) or die(mysql_error());//run the query
$row = mysql_fetch_assoc($rsPilot);//get any returned values

if($row['firstname'] != ''){ //if there was a name found
$_SESSION['firstname'] = $row['firstname'];
}else{
echo "No Name Found";
}

Ryan,

In Topic: Encryption of password in database

13 May 2011 - 12:13 PM

You could go a bit OTT and do this:

$pass = abc123; //user enter password
$sail = "1Dat0p";// your defined salt
$encrypt_pass = sha1($pass.$salt); //encrypt with sha1
for($i=0;$i<=12;$i++){
$encrypt_pass = $md5($encrypt_pass);//encrypt the sha1 a random number of times with md5
}
$new_encrypt = substr(substr($encrypt_pass,0,-5),5);//take off the last 5 and first 5 characters
$new_encrypt = 'rd2d3'.$encrypt_pass.'p98k7; //add in your known first 5 and last 5 characters


purely speculation.
(btw im new to the boards :), and find security issues fun have plently of beginner to complex ways to encrypt data - will post when i get time to).

Ryan,

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download