Linchpin311 Tue Sep 27, 2011 12:25 pm
sure, but its not very safe and i dont know why you would want to do this.
in any case, you could accomplish this by removing the
md5() function from inside any database function that requires the password as an argument. for instance, start by opening session.php and find this line (should be around line 341 assuming you havent made any changes to the script):
- Code:
if($database->addNewUser($subuser, md5($subpass), $subemail)){
this line of code comes from the function register and gets called when the user has just submitted the registration form. if you were to remove the
md5() function from
$subpass the password would not be encrypted and saved as plain text in the database.
of course to make this work correctly you would also have to remove the
md5() function from all other database querys that require the password, as the functions are all expecting the encrypted string.