SQL modify and PHP encrypt

fordiman

I have a couple of new problems concerning MySQL and PHP3..

First, is there a simple syntax to modify an entry? (ie:
MODIFY * from Users (col1, col2) VALUES(\"val1\", \"val2\") WHERE Username=\"user\"

or do I have to do a delete/insert?

Second. Right now, I\'m storing the passwords in the database as straight text. while I do have the SQL server locked off from the internet, if someone were to hack the site, they\'d have all the user passwords. Nasty security hole. Does anyone know a quick and dirty way to one way encrypt the passwords and then I could just compare the database entry to the encrypted user input?

[deleted]

First, grab your local MySQL manual, and read the SQL-syntax chapters.
It's all in there.

http://www.mysql.com/doc/U/P/UPDATE.html

Second, use md5() hashes to store the passwords. They are irriversable (so hackser have no use for them) and the md5() is done in PHP, so it's not database dependant. (as opposed to MySQL's password() function, which will cause problems should you ever move to a real database).