[UPHPU] storing passwords

Orson Jones orson.uphpu at afriskito.net
Tue Apr 29 10:32:48 MDT 2008


Wade Preston Shearer wrote:
> I have recently written a users class that will manage user accounts for
> our various web applications and would like some feedback on how I was
> generating, storing, and validating user passwords.
> 
> http://rafb.net/p/jW0XR647.html

Looks pretty good.

I'd probably ditch the substr. But the db space you save is probably worth more than the ever so
slight reduction in security. Thinking about it though, the salt only offers additional protection
once someone gets a copy of the database. You have worse things to worry about if that happens.

Orson

