2016-03-14, 00:36:43
You should never keep unhashed passwords in database/files
instead of
at very least use:
addCData not required in this case.
Or even better, use PHP function specially intended for that:
http://php.net/manual/en/function.password-hash.php
regards
instead of
Code:
$note->addCData($password);
at very least use:
Code:
$xml->addChild('password', sha1($password.$a_random_salt));
$xml->addChild(‘salt‘, $a_random_salt);
addCData not required in this case.
Or even better, use PHP function specially intended for that:
http://php.net/manual/en/function.password-hash.php
regards