Skip to content

ENCRYPT mysql and crypt php #6

Description

@kzpm

After installing the plugin with all correct credentials for accessing database and tables, changing the password fails with the notice "INFO[DATA]: Something went wrong. Either current password is incorrect, or new password does not match criteria."

Echoing the sql statement seems a little problematic with PDO mysql, so I cannot exactly observe how the plugin is 'talking' to mysql.

My mailserver stores passwords in the mysql users table as ENCRYPT($password, CONCAT('$6$', SUBSTRING(SHA(RAND()), -16).

The plugin, however, uses crypt() and mb_strlen to compare hashes of stored passwords.
I think ENCRYPT() and the way hashes are compared in the plugin do not match ..

Maybe the ENCRYPT() function for mysql is not the right way to store password, in the context of this plugin.

One way to overcome the problem is to alter code in the plugin so it matches my criteria, however I think it is better to alter the layout of the mysql password storage.

Does anyone have suggestions for storing passwords, so it meets the conventions in the plugin?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions