[aur-dev] FS#17109: AUR passwords are not salted

Linas linas_fi at ymail.com
Fri Jun 25 14:25:23 EDT 2010

Denis Kobozev wrote:
>> The query in addsalt() function should have a WHERE Salt IS NULL. That's
>> nicer than checking it in php.
> Is it faster/more memory efficient/more readable?
> Best,
> Denis.
Supposing that the script is only used once, it's irrelevant, since it
will need
to traverse the whole user table.
If some rows were done and others don't (eg. you want to do it in batches),
then it makes a different since filtering client side means retrieving
each and
every user, sending it over the net and then discard it whereas
filtering on the
db only the relevant rows are sent.

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

More information about the aur-dev mailing list