Re: MySQL obnoxious question
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Hi, Mário Gamito wrote:
For obnoxious reasons, I'm running a web site in Windows/ASP.NET/C# that once a user registers, it inserts in the MySQL qmail server the username, password, etc.It's in the password that the problem lies. I need to hash it just before or after the MySQL INSERT statement. For that, I have to run a PHP shell script that follows my signature.
There is an encrypt function in MySQL: http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html#function_encryptbut it is only available on systems which have a system crypt call (not Windows according to the docs). However if your MySQL database is running on Linux you should be able to just change the insert statement in the C# code to something like:
insert into user_details values("username", encrypt("password"), ...);and not bother with the php script. If the database is on Windows, then there are other encrytion functions available. There is a User Comment at the bottom of the above web page (search for "Philip Mather") which discusses using a trigger to achieve something that sounds similar to what you want.
There are lots of other options, of course, but my first route would always be to modify existing code. You might want to be careful, however, that you aren't breaking any license agreement before going ahead and modifying anything. If the code is unavailable or protected then you can just put a trigger on the user_details table in the database and encrypt the password there.
Hope some of that helps. Cheers Adam - To unsubscribe from this list: send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html