close ad
Databridge V2 with MySQLi support IS Now Available!
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Putting the unencrypted version of password in an update profile form

Thread began 7/21/2011 2:08 pm by georgevargasa302189 | Last modified 7/22/2011 1:56 pm by georgevargasa302189 | 1002 views | 4 replies |

georgevargasa302189

Putting the unencrypted version of password in an update profile form

I have encrypted passwords in the database.

On an update page I want to have the password initially set to the unencrypted version of the password, so it only has to be changed if desired.

In the form field I have;
<?php echo $row_WAATKusers['UserPassword']; ?>

How would I modify it to return the un-encrypted version instead?

Sign in to reply to this post

Ray BorduinWebAssist

What type of encryption are you using? Many encryption techniques can't be unencrypted, so it may not be possible.

One solution may be to have a separate column in the database to store the password without encryption and then once they update it once to remove it, but it kind of defeats the purpose of encryption to have an unencrypted version in the database.

Sign in to reply to this post

georgevargasa302189

I am currently using the wa_cryptencryption version.

But I can change to a different type I assume.

Is one type a better one that the other. I did note that if someone gets the encripted password generated by crypt, they can just paste it into a different user and it would work.

I would prefer a type that was a combination of the email address and password for example, so it would be more unique.

Sign in to reply to this post

Ray BorduinWebAssist

Crypt is a one-way encryption that can't be decrypted. You could use HASH or RIJNDAEL if you want the string to be unencrypted at some point. Both of these allow you to put a random string in a php include file that would be necessary in order to unencrypt so that simply getting access to the database wouldn't be enough and you would need a breech of both the database and php code before any data would be compromised.

The only other option would be to also store the unencrypted version until it is updated the first time.

Sign in to reply to this post

georgevargasa302189

I got it working for Hash encryption by editing the server behaviors on the various pages using the passwords to changing the encryption type .

For some reason rijndaelen does not verify the password when logging in. The encrypted password is longer and has special characters in it so maybe that has something to do with it.

I found one issue that crashes Dreamweaver. If I click on the form text box select a recordset value, it works as long as I do not specify decrypt. If I do, Dreamweaver will crash. I manually edited the code to <?php echo WA_HashDecryption($row_WAATKusers['UserPassword']); ?>, and that worked fine.

Sign in to reply to this post

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...