RE: account.php

From: Sergio Alvarez <>
Date: Fri, 13 Apr 2007 18:44:49 -0700

As long as you give me the same thing on create as with check, it should be fine. Currently storing them as a md5.


From: Stefan Kaczmarek []
Sent: Fri 4/13/2007 6:43 PM
To: Sergio Alvarez
Cc: Ivan Kwok; Dylan Douglas; Ben Ebert; Jay Mairs; Ty Heath
Subject: Re: account.php

For the check password, I'd want to do the hash of the password, instead of the password itself, so that I don't store the password as a cookie on their machine.

So I will be giving you, in php, "sha1($password)" ... So just pull the user and check what I give you against "sha1($password)" ... Coolio?

- Z

On Apr 13, 2007, at 6:39 PM, Sergio Alvarez wrote:

        new file, include/account.php
         // returns 0 for success, 1 for duplicate, -1 for any other error
         function CreateAccount($user, $password)
        // return 0 if user/password match, 1 if account does not exist or the password doesnt' match
         function CheckPassword($user, $password)

        Let me know if there are any issues or you want different return values.

Received on Fri Sep 14 2007 - 10:56:04 BST

This archive was generated by hypermail 2.2.0 : Sun Sep 16 2007 - 22:19:48 BST