PDA

View Full Version : I am VERY disappointed right now!


Tony
08-20-2011, 04:32 PM
I'm working for a friend on your script, and the first thing I was planning to do was give MD5 a salt so that it would be a little more secure and this is the first line I see.


$username = $_POST["username"];
$pass1 = $_POST["pass1"];
$pass2 = $_POST["pass2"];

Why?

Why is this not secure D< and you're inserting this RIGHT into the DB. I know you didn't build this script yoursefl, but just improved on it, but please, add some more security next update.

Hall of Famer
08-20-2011, 04:35 PM
Well I know what you are talking about. The dev staff are indeed working on this problem right now, after a programmer called Noseatback pointed it out. The new script will be using a combination of MD5, SHA1 and Salt to secure user password(maybe pepper too), if you wanna know.

Tony
08-20-2011, 06:43 PM
Sounds great! I feel much better.