I am VERY disappointed right now!

[Tony]

I'm working for a friend on your script, and the first thing I was planning to do was give MD5 a salt so that it would be a little more secure and this is the first line I see.


$username = $_POST["username"];
$pass1 = $_POST["pass1"];
$pass2 = $_POST["pass2"];

Why?

Why is this not secure D< and you're inserting this RIGHT into the DB. I know you didn't build this script yoursefl, but just improved on it, but please, add some more security next update.

[Hall of Famer]

Well I know what you are talking about. The dev staff are indeed working on this problem right now, after a programmer called Noseatback pointed it out. The new script will be using a combination of MD5, SHA1 and Salt to secure user password(maybe pepper too), if you wanna know.

[Tony]

Sounds great! I feel much better.