On 11/26/05, Yaswanth Narvaneni <yaswanth@xxxxxxxxx> wrote:> I 'dont' want to use something like select * from table where> table.passwd=password($passwd);
Well, i think you better use a specific password hashing functionrather than MySQL's password() 'cause it's implementation is notconsistent across versions (IIRC. they broke backward compatibility inversion 5).. Use md5() or sha1() so you know what alghorithm is usedand you can be almost sure that implementation across langauges andversions is the same.
so when you store the password do a query like:
$sql .= "INSERT INTO sometable (name, password) VALUES ('someuser',md5('somepassword'))";
PHP has an md5() and sha1() too, check the manual for them
-ahmed
