Re: [Lam-public] mcrypt and mhash
Brought to you by:
gruberroland
From: Farkas L. <lf...@bn...> - 2003-11-18 10:14:04
|
Tilo Lutz wrote: > Am Mo, 2003-11-17 um 18.12 schrieb Farkas Levente: > >>is there any reason why you use mcrypt and mhash? which function do you >>use from these packages? could them be optional? > > mhash is not needed if passwords are encrypted with {crypt}. > mcrypted is needed to enrypt you password in the session because > a plaintext password in a file which could be readed by > webserver is very dangerous. > > We haven't found a solution to encrypt passwords without > mcrypt. If you have an idea how to do this I would be very > glad to hear it. in php by default (in strings) there are the following fuctions: crypt, md5, sha1, crc32 so I just would like to mcrypt and mhash are realy important or is it possible to make them optional? that can help a lot for many users, since most distribution do not contain mhash and mcrypt what's more php should have to compiled manualy after an ugrade then again ... which makes lam less usable:-( yours. -- Levente "Si vis pacem para bellum!" |