Re: account.php

From: Stefan Kaczmarek <stefan_at_thezonie.org>
Date: Fri, 13 Apr 2007 19:11:40 -0700

No no, I just meant that since you're storing the hash of the
password, and not the password itself. Which is fine. We don't need
to store their actual password.

So I will be calling create account and check account with the hash
of the password.

- Z

On Apr 13, 2007, at 7:08 PM, Sergio Alvarez wrote:

> I just assumed we were doing username/password. If you call
> createAccount w/o the password parameter it should work by just
> using and empty string as their password.
>
>
> From: Stefan Kaczmarek [mailto:stefan_at_thezonie.org]
> Sent: Fri 4/13/2007 6:55 PM
> To: Sergio Alvarez
> Cc: Ivan Kwok; Dylan Douglas; Ben Ebert; Jay Mairs; Ty Heath
> Subject: Re: account.php
>
> Well, okay. That should be fine ... We really don't need to store
> the freakin' password anyway, right?
>
> - Z
>
> On Apr 13, 2007, at 6:44 PM, Sergio Alvarez wrote:
>
>> As long as you give me the same thing on create as with check, it
>> should be fine. Currently storing them as a md5.
>>
>>
>> From: Stefan Kaczmarek [mailto:stefan_at_thezonie.org]
>> Sent: Fri 4/13/2007 6:43 PM
>> To: Sergio Alvarez
>> Cc: Ivan Kwok; Dylan Douglas; Ben Ebert; Jay Mairs; Ty Heath
>> Subject: Re: account.php
>>
>> For the check password, I'd want to do the hash of the password,
>> instead of the password itself, so that I don't store the password
>> as a cookie on their machine.
>>
>> So I will be giving you, in php, "sha1($password)" ... So just
>> pull the user and check what I give you against "sha1
>> ($password)" ... Coolio?
>>
>> - Z
>>
>> On Apr 13, 2007, at 6:39 PM, Sergio Alvarez wrote:
>>
>>> new file, include/account.php
>>>
>>> // returns 0 for success, 1 for duplicate, -1 for any other error
>>> function CreateAccount($user, $password)
>>>
>>> // return 0 if user/password match, 1 if account does not exist
>>> or the password doesnt' match
>>> function CheckPassword($user, $password)
>>>
>>>
>>> Let me know if there are any issues or you want different return
>>> values.
>>>
>>>
>>>
>>>
>>
>
Received on Fri Sep 14 2007 - 10:55:51 BST

This archive was generated by hypermail 2.2.0 : Sun Sep 16 2007 - 22:19:45 BST