Hi, Note from the manual: PASSWORD() encryption is one-way (not reversible). Also note: =============================== Note The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA1() instead. Also see RFC 2195, section 2 (Challenge-Response Authentication Mechanism (CRAM)), for more information about handling passwords and authentication securely in your applications. =============================== The way to do it is to encrypt the response password from the logon and compare the encrypted versions; rather than decrypting for the compare. Gary > -----Original Message----- > From: Nasreen Laghari [mailto:nasreen_laghari@xxxxxxxxx] > Sent: Sat, February 16, 2008 10:18 PM > To: php-db@xxxxxxxxxxxxx > Subject: Password decryption > > > Hi, > > I'm junior in PHP and stuck on Encryption. > > I have encrypted password using SQL : > > $query = "insert into user (userid,password,) values > ('$username',Password('$pass'));"; > > Which is working perfect. Now I'm working on Login page where > I have to compare passwords.. As password in database is > encrypted so I need to decrypt it back for compression. I > have tried the flowing but not working. > > if ($pwd != Password("$info['password']")) > { > echo("-----------------"); > //header("Location: abuse.php"); > } > > and > > if ($pwd != $info(Password("['password']")) > { > echo("-----------------"); > //header("Location: abuse.php"); > } > > Could any one please help.. > > Thank you > > > > ______________________________________________________________ > ______________________ > Be a better friend, newshound, and > know-it-all with Yahoo! Mobile. Try it now. > http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
