The only thing I can find anywhere in the code is this:
$auth_user = $_SERVER['PHP_AUTH_USER'];
$auth_pw = $_SERVER['PHP_AUTH_PW'];
$query = "select name from table where name = '$authuser' and
password = password('$auth_pw')";
I've never seen that password('$auth_pw') part before. Is that a
mysql part that I am not familiar with and that I should know? I've
been known to miss obvious stuff before.....
--
Kevin Murphy
Webmaster: Information and Marketing Services
Western Nevada Community College
www.wncc.edu
775-445-3326
On Sep 5, 2006, at 4:25 PM, Chris W. Parker wrote:
Kevin Murphy <mailto:php@xxxxxxxxxxxxxxxxxx>
on Tuesday, September 05, 2006 3:27 PM said:
The passwords are called in the application by:
$_SERVER['PHP_AUTH_PW']
Is there any way to tell how these passwords were encrypted?
Have you tried searching the entire codebase for that string? Might
get
you some clues.
From the commandline (and at the root of the codebase):
# grep -R PHP_AUTH_PW *
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
