Will Posted May 13, 2007 Posted May 13, 2007 I am currently running a mccodes v1.1 engine. The passwords aren't encoded so I added "`userpass`=md5('{$_POST['password']}')to authenticate and changed the register page. I then ran the query: $rfr=mysql_query("SELECT * FROM users",$c) or die(mysql_error()); while($r=mysql_fetch_array($rfr)) { mysql_query("UPDATE users SET userpass=md5('{$r['userpass']}') WHERE userid=$userid",$c) or die(mysql_error()); } This all works fine but I have a "Send Password" feature which now won't work for obvious reasons. Is there anyway to un-encode the encoded password? Quote
Decepti0n Posted May 13, 2007 Posted May 13, 2007 Re: MD5 password encode no the best way is to provide a way for them to reset it, and it gets resent to their email address Quote
Will Posted May 13, 2007 Author Posted May 13, 2007 Re: MD5 password encode Any example code of how to do this? Quote
Silver Posted May 13, 2007 Posted May 13, 2007 Re: MD5 password encode perhaps you could have a security question. The user supplies an answer for the question they chose. They also type their email and username...this wud purely be to validate the user. Then offer them the chance to reset the password in md5 hash Quote
Will Posted May 13, 2007 Author Posted May 13, 2007 Re: MD5 password encode Ah well I have made some code now using a randomly generated string as an activation key and the password is reset. Quote
canibalstew Posted May 13, 2007 Posted May 13, 2007 Re: MD5 password encode i made one to reset their pass and have a verifacation pin also adding sending out email now maybe ill post it for free sometime on here Quote
Decepti0n Posted May 13, 2007 Posted May 13, 2007 Re: MD5 password encode Just hoping it doesn't reset until they enter the pin :s otherwise people could just reset others easily Quote
hamster01 Posted May 13, 2007 Posted May 13, 2007 Re: MD5 password encode perhaps you could have a security question. The user supplies an answer for the question they chose. They also type their email and username...this wud purely be to validate the user. Then offer them the chance to reset the password in md5 hash Not wise to have security questions ;) Password reset would be the best. Quote
canibalstew Posted May 14, 2007 Posted May 14, 2007 Re: MD5 password encode no its a security number but you cant change the pass of the user if that your email and your user name is all correct then you can change and you can only set your pin once once it is set thatshas worked good so far but i plan on posing it soon maybe some one will give more options to have more security Quote
Will Posted May 15, 2007 Author Posted May 15, 2007 Re: MD5 password encode I have posted the code used on the DBS mod forum if you want to use it. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.