Hi Rick, Yes you are correct. I do not store a plan text password. The conversion code is so they cant read the encryption either. If you cant read the encrypted text, you cant decrypt it right? Thanks for your response. Karl On Dec 22, 2009, at 10:54 AM, lists-mysql wrote:
This shouldn't be an issue as you should *never* be storing a user's password in plaintext in the first place. When a password is first set, encrypt it. If a user needs a new password, send a password recovery url to the email address on file (or some other like-minded approach). - Rick ------------ Original Message ------------Date: Monday, December 21, 2009 11:12:48 PM -0600 From: Karl DeSaulniers <karl@xxxxxxxxxxxxxxx> To: php-db@xxxxxxxxxxxxx Subject: Displaying Password Never mind. Got it. $replaceArray = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0'); $replaceWith = array('•','•','•','•','•','•','•','•','•','•', '•','•','•','•','•','•','•','•','•','•','•', '•','•','•','•','•','•','•','•','•','•','•', '•','•','•','•'); $UserPassword = str_replace($replaceArray, $replaceWith, $UserPassword); //hide pasword Best, Karl DeSaulniers Design Drumm http://designdrumm.com------------ End Original Message ------------
Karl DeSaulniers Design Drumm http://designdrumm.com
