In my application, a client will complete a fairly involved
registration form containing more personal information than usual. The
form content will be encrypted (https) and will contain the client's
choice of password.
Previously, under MySQL, I used 2-way encryption, inserting the user and
password into the client table like so:
$insert = "INSERT INTO client_table (protocol,tpwd) VALUES ('$protocol',
AES_ENCRYPT('$tpwd','$salted'));
This allowed me to decrypt the password when the inevitable happens and
the testee loses his password. That gave me protection for the password,
because administration of the tests involved will not require ssl -
being nothing more than a tansfer of raw item responses.
From what I can see, AES_ENCRYPT seems to be closely hitched to MySQL.
Can I not avail myself of this function in PostgreSQL?
George
