Skip to main content
A
Anonymous
July 26, 2007
Question

Encryption

  • July 26, 2007
  • 4 replies
  • 795 views
I use Dreamweaver MX 2004 generating a record insertion Wizard for when I want to insert a user. I have the username field in my case it is the e-mail, and the password. I would like to know how to encrypt the password when it goes into the database. I was told to use a "sha1". How do I incorporate this after Dreamweaver has generated a record insertion?
This topic has been closed for replies.

4 replies

N
Newsgroup_User
Inspiring
July 26, 2007
On Thu, 26 Jul 2007 14:13:51 +0100, David Powers <david@example.com>
wrote:

>Sure. Once a password has been encrypted with sha1() or md5() - both of
>which handle only one-way encryption - the login form needs to compare
>an encrypted version of the password submitted through the form with the
>one stored in the database. So the same code also needs to be used on
>the login form.


Exactly.

Gary
A
Anonymous
July 26, 2007
Thank you David, it worked as far as the creating a password that is encrypted, however in the login it will not allow me to login with the password I have placed. You have mentioned I use the same code and place it in the login, where am I supposed to place it, at the top of all codes? What is my next step, Dreamweaver has created my login page and access level.
N
Newsgroup_User
Inspiring
July 26, 2007
Gary White wrote:
> That is, indeed, the easiest way to handle it. However, it's worth
> mentioning that the user authentication routines will also have to be
> modified.

Sure. Once a password has been encrypted with sha1() or md5() - both of
which handle only one-way encryption - the login form needs to compare
an encrypted version of the password submitted through the form with the
one stored in the database. So the same code also needs to be used on
the login form.

--
David Powers, Adobe Community Expert
Author, "The Essential Guide to Dreamweaver CS3" (friends of ED)
Author, "PHP Solutions" (friends of ED)
http://foundationphp.com/
N
Newsgroup_User
Inspiring
July 26, 2007
On Thu, 26 Jul 2007 09:12:32 +0100, David Powers <david@example.com>
wrote:

><?php
>if (isset($_POST['password'])) {
> $_POST['password'] = sha1($_POST['password']);
> }
>?>

That is, indeed, the easiest way to handle it. However, it's worth
mentioning that the user authentication routines will also have to be
modified.

Gary
N
Newsgroup_User
Inspiring
July 26, 2007
AdonaiEchad wrote:
> I was told to use a "sha1". How do I incorporate this
> after Dreamweaver has generated a record insertion?

You don't do it after the insertion, but before. The Dreamweaver server
behavior doesn't support encryption, so you need to code it yourself.
The simplest way is to put this at the top of the user registration page:

<?php
if (isset($_POST['password'])) {
$_POST['password'] = sha1($_POST['password']);
}
?>

By putting it outside the server behavior code, the server behavior
remains fully editable through the Dreamweaver interface.

--
David Powers, Adobe Community Expert
Author, "The Essential Guide to Dreamweaver CS3" (friends of ED)
Author, "PHP Solutions" (friends of ED)
http://foundationphp.com/
M
Manderson5
Participant
October 6, 2007
This is just the answer I've been looking for. However, I'm trying to use aes_encrypt with salt instead of sha. My question is how this changes the code other then using aes_encrypt in place of sha? Also, if I'm hiding the salt in a table, where do I initialize a variable that will use my salt value from the table? Thanks for your help in advance.

Mark
Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices