Quote:
Originally Posted by Daz
It wouldn't suprise me if it is him, I'll be sure to use different passwords when signing up to TS SE sites.. :unknown:
|
We all hate xam because his source isn't free but very secure.
signup.php
PHP Code:
$secret = mksecret();
$passhash = md5($secret.$password.$secret);
takelogin.php
PHP Code:
$password = trim($_POST['password']);
if ($row['passhash'] != md5($row['secret'] . $password . $row['secret']))
{
//Invalid Login
}
Nobody can see user's passwords. They are secured while registering and logging.