Hash Password in config.ini.php

dynamiccookies / DadsGarage

Online vehicle inventory for small scale automotive lot.

GNU General Public License v3.0

0 stars 0 forks source link

Hash Password in config.ini.php #15

Open dynamiccookies opened 7 years ago

dynamiccookies commented 7 years ago

The database password in the config.ini.php file should be hashed instead of stored in plain text.

dynamiccookies commented 5 years ago

Attempted this, but ran into an issue when dehashing. Need to rethink this. Many other applications leave database passwords in plain text within the ini file. May need to push this into a future release.

dynamiccookies commented 3 years ago

Need to try storing hashed password, and then rather than dehashing it, hash the entered password and compare that to the stored hashed value.

dynamiccookies commented 3 years ago

This doesn't make sense though. The only password stored in the config file is for the database, and that needs to be dehashed to show up on the page.

The user account passwords are already being stored as their hashed values in the database, so that's not an issue.