TalkPHP - View Single Post - PHP Session Login

delayedinsanity · 06-07-2008, 06:05 PM

Wait a minute, I didn't take a close look at the first code block... you're storing the users password in a session variable? *smacks your hands* bad, bad boy. Noooooo.

And this!

PHP Code:


			
$psd = sha1(md5(md5(sha1(md5(sha1(sha1(md5($_POST['password'])))))))); ## Submitted Password stored in a variable

*smacks your hands again*

Might I direct you to an article that I found really good?

Working with Dynamic Cryptography Salts
-m

06-07-2008, 06:05 PM	#6 (permalink)
delayedinsanity is cute and cuddly Join Date: Mar 2008 Location: Vegas, Baby Posts: 963 Thanks: 31	Wait a minute, I didn't take a close look at the first code block... you're storing the users password in a session variable? smacks your hands bad, bad boy. Noooooo. And this! PHP Code: `$psd = sha1(md5(md5(sha1(md5(sha1(sha1(md5($_POST['password'])))))))); ## Submitted Password stored in a variable` smacks your hands again Might I direct you to an article that I found really good? Working with Dynamic Cryptography Salts -m