Re: account.php

From: Stefan Kaczmarek <stefan_at_thezonie.org>
Date: Fri, 13 Apr 2007 18:55:16 -0700

Well, okay. That should be fine ... We really don't need to store the
freakin' password anyway, right?

- Z

On Apr 13, 2007, at 6:44 PM, Sergio Alvarez wrote:

> As long as you give me the same thing on create as with check, it
> should be fine. Currently storing them as a md5.
>
>
> From: Stefan Kaczmarek [mailto:stefan_at_thezonie.org]
> Sent: Fri 4/13/2007 6:43 PM
> To: Sergio Alvarez
> Cc: Ivan Kwok; Dylan Douglas; Ben Ebert; Jay Mairs; Ty Heath
> Subject: Re: account.php
>
> For the check password, I'd want to do the hash of the password,
> instead of the password itself, so that I don't store the password
> as a cookie on their machine.
>
> So I will be giving you, in php, "sha1($password)" ... So just
> pull the user and check what I give you against "sha1
> ($password)" ... Coolio?
>
> - Z
>
> On Apr 13, 2007, at 6:39 PM, Sergio Alvarez wrote:
>
>> new file, include/account.php
>>
>> // returns 0 for success, 1 for duplicate, -1 for any other error
>> function CreateAccount($user, $password)
>>
>> // return 0 if user/password match, 1 if account does not exist or
>> the password doesnt' match
>> function CheckPassword($user, $password)
>>
>>
>> Let me know if there are any issues or you want different return
>> values.
>>
>>
>>
>>
>
Received on Fri Sep 14 2007 - 10:55:54 BST

This archive was generated by hypermail 2.2.0 : Sun Sep 16 2007 - 22:19:46 BST