Hi Rory
You can use crypt to encode a password, let say you want the password to be "my password", create a new php file :
echo crypt("my password");
then you get a unique encoded string something like 'ABC12Fdfi654sdfkfpr67UPL'
copy it and delete the php file
in your password validation file write :
$enc_pass = 'ABC12Fdfi654sdfkfpr67UPL';
if (@crypt($_POST['pass'], $enc_pass) == $enc_pass)
/* password is o.k. */
Now even if someone will see the php script he won't knew your password
Hope I've helped
yaron
-----Original Message-----
From: rory walsh [mailto:rorywalsh@xxxxxx]
Sent: Sunday, March 06, 2005 1:35 PM
To: php-general@xxxxxxxxxxxxx
Subject: Passwords?
I want to create a simple as possible password script, how secure is it
to have the password actually appear in the script? I only need one
password so I thought that this would be more straightforward than
having a file which contains the password. I am not using any database.
Actually this leads me to another question, is there anyway people can
view your script without having access to your server that is? Cheers,
Rory.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
