password in url

Forum Moderators: coopster

Message Too Old, No Replies

password in url

ayushchd

1:14 pm on May 2, 2007 (gmt 0)

Hi,
I want to send the password of a user in the URL.
somethign like :

http://www.example.com/example.php?user=example&password=example

don warry the password will be encrypted wid the help of md5()

But I want to ask that is there any way so that i can send something unique in the URL string so that there are less possibilities of hacking. and which keeps on changing everytime?

mcavic

2:40 pm on May 2, 2007 (gmt 0)

Sure, you can create a random string, and store it in a database associated with the user. Just take the md5 or the hex value of a random number. Or if you're not interfacing with some other Web site, you can send the encrypted password using POST, or cookies.

FiRe

10:40 am on May 3, 2007 (gmt 0)

Or use a salt:

// This is the password from the database
$password = "blah";

// This is your salt
$salt = "kf934mqwf80";

// Now here is the better encrypted password
$pass = md5($salt . $password);

Now you would use the same $salt to lookup the password in the database - md5($salt . $_POST['password']);

password in url

ayushchd

mcavic

FiRe

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week