I have a program that set's a database up with a PHP script.
It automatically inserts a generic 'user' into a 'members' table.
Each user has a password.
In mysql I have used the 'PASSWORD('someString')' function to encrypt each
users password. When authenticating a user for system use, I use the same
function to compare encrypted password.
How is this easiily achieved in Postgresql? (as there is no 'PASSWORD'
Below is the table structure (simplified for this example)
CREATE TABLE users (
userid serial (auto_increment if using mysql),
PRIMARY KEY(userid, name) );
Here is what I would do with MySQL to set up the default user:
INSERT INTO users (name, password) VALUES ('john citizen',
Is there any way to replicate this with PostgreSQL or a better way to
authenticate users with both databases (md5 or similar) ????
I'd rather keep the encryption/and or md5 logic out of the scripts and in
the database if possible. (unless there is a reason not to..)
[mailto:pgsql-php-owner(at)postgresql(dot)org]On Behalf Of Matthew Horoschun
Sent: Tuesday, 21 January 2003 9:10 AM
To: David Busby
Subject: Re: [PHP] Creating md5 passwords in PHP for the PostgreSQL
Thanks for the reply.
Unfortunately, thats not quite the problem. I want to create passwords
that will work in the pg_shadow table. So, I need them to be calculated
in exactly the same way PostgreSQL does when you do a CREATE USER
matthew WITH PASSWORD testing.
For example, If I create a user in PostgreSQL called 'matthew' with
password 'testing', I get pg_shadow entry with passwd:
but, if I do a simple md5 of 'testing' like you've done below, I get:
As you can see, those don't match.
Perhaps I'm missing something though?
On Tuesday, January 21, 2003, at 05:27 AM, David Busby wrote:
> I just use something like
> $pass = $_POST['pass'];
> $e_pass = md5($passs);
> Maybe not as secure as two md5s, but have you ever tried to
> reverse one
> md5 checksum?
CanPrint Communications Pty. Ltd.
Mobile: 0417 282 378
Direct: (02) 6295 4544
Telephone: (02) 6295 4422
Facsimile: (02) 6295 4473
---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to majordomo(at)postgresql(dot)org)
In response to
pgsql-php by date
|Next:||From: Matthew Horoschun||Date: 2003-01-22 03:48:36|
|Subject: Re: Password Encryption to replicate MySQL PASSWORD function|
|Previous:||From: Fery||Date: 2003-01-22 02:51:49|
|Subject: Re: Creating md5 passwords in PHP for the PostgreSQL pg_shadow table|