

MySQL encryption

MySQL provides the encryption function password( ) that can be used instead of the crypt( ) function; we introduced this function in Chapter 3. The MySQL password( ) function can be incorporated into the SQL update or insert queries:

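// $password and $username must already be escaped for use inside SQL strings.
// The password is a string literal, so it needs quotes like the username.
$update_query =
  "UPDATE users
     SET password = password('$password')
     WHERE user_name = '$username'";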

Like crypt( ), the MySQL password( ) function is a one-way function, but it is simpler to use because it doesn't require a salt string. However, because no salt is used, identical passwords are stored as identical encrypted strings. Another disadvantage of the MySQL password( ) function is that the password is transmitted between the web server and the MySQL DBMS in its unencrypted form. We recommend that crypt( ) be used rather than the MySQL password( ) function when building web database applications.
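
The recommendation above, as an added example that is not part of the original text: the password is hashed with crypt( ) in the PHP script, so two users with the same password get different stored strings and only the hash travels to MySQL. The helper names, the bcrypt salt format, and the PDO statement in the closing comment are assumptions of this example.

```php
<?php
// Added example, not code from the original text. The table and column names
// follow the query above; the function names are hypothetical.

// Build a bcrypt salt string for crypt(): "$2y$", a two-digit cost, "$",
// then 22 characters from the alphabet ./0-9A-Za-z.
function make_salt(int $cost = 10): string
{
    $raw   = base64_encode(random_bytes(16));        // 24 chars from A-Za-z0-9+/=
    $chars = substr(strtr($raw, '+', '.'), 0, 22);   // map '+' into the salt alphabet
    return sprintf('$2y$%02d$%s', $cost, $chars);
}

// Hash in the web server so the clear-text password never reaches the DBMS.
function hash_password(string $password): string
{
    $hash = crypt($password, make_salt());
    if (strlen($hash) !== 60) {                      // crypt() returns "*0" or "*1" on failure
        throw new RuntimeException('crypt() failed');
    }
    return $hash;
}

// crypt() reads the algorithm, cost and salt back out of the stored string,
// so the stored hash doubles as the salt argument when checking a login.
function verify_password(string $candidate, string $stored): bool
{
    return hash_equals($stored, crypt($candidate, $stored));
}

// Constructed sample data: two users who chose the same password.
$alice = hash_password('correct horse');
$bob   = hash_password('correct horse');

var_dump($alice === $bob);                           // compares the two stored strings
var_dump(verify_password('correct horse', $alice));  // right password against Alice's hash
var_dump(verify_password('wrong guess', $alice));    // wrong password against Alice's hash

// Only the hash is sent to MySQL, as a bound parameter. PDO is an assumption
// about the database layer; $pdo would be an open connection.
// $stmt = $pdo->prepare('UPDATE users SET password = ? WHERE user_name = ?');
// $stmt->execute([$alice, 'alice']);
```

The bcrypt strings produced here are 60 characters long, so the password column must be at least that wide.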

