Is there a way to a password before it's placed in a database, and then to decrypt it once it's taken out of a database?
take a look at http://www.php.net/manual/en/ref.mcrypt.php
Either the mcrypt library or the encode/decode functions if you're using MySQL.
http://www.mysql.com/doc/M/i/Miscellaneous_functions.html
A more secure approach is to store the password hashed (one-way, no decryption) with MD5 or SHA1 in the database and then hash the password that the user types into a form and compare the two hashed passwords to authenticate.
yup, I mostly use that to, but one disadvantage is that you cant mail forgotten passwords, I solve this by using a personal code, witch users can request to change their password
