So, I found out on SO that you're supposed to hash the password together with a "salt". (The articles can be found here and here.)
Here's the code:
It's an old topic, but others will come here too, so I will try to describe it very simply:
If you do hash(password), you get the same hash value for every password [hash(password) = hash(password)]. If two users have the same password, you will see it because the hash values are the same. Some passwords like "password" or "12345678" are taken very often, so: same hash value in your database -> maybe password "password" or "12345678" (rainbow table attack).
If you hash(salt+password), you don't get the same hash for the same passwords, because hash(salt1+password) is not hash(salt2+password).
hash(x) is just a mathematical function like f(x)=y. If you put in the same x, you will get the same y. This function must be "special" to be safe. Just don't use SHA1 because it is not safe anymore :D
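The difference this answer describes, as an added example that is not part of the original post: a constructed user table where two users share a weak password, hashed once without a salt and once with a per-user random salt through a deliberately slow function (PBKDF2-HMAC-SHA256 from Python's hashlib, standing in for the "special" function above).

```python
import hashlib
import hmac
import os
from collections import Counter
from typing import Dict, Optional

# Constructed sample user table: alice and bob picked the same weak password.
USERS = {"alice": "password", "bob": "password", "carol": "correct horse battery"}


def unsalted_hash(password: str) -> str:
    """hash(password): the same input always yields the same digest."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def make_record(password: str, salt: Optional[bytes] = None,
                iterations: int = 600_000) -> dict:
    """hash(salt + password) with a per-user random salt and a slow KDF
    (PBKDF2-HMAC-SHA256) instead of a single fast hash call."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt for every user
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # The salt is stored next to the hash; it is not secret, only unique.
    return {"salt": salt.hex(), "iterations": iterations, "hash": digest.hex()}


def verify(record: dict, candidate: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                                 bytes.fromhex(record["salt"]), record["iterations"])
    return hmac.compare_digest(digest.hex(), record["hash"])


def shared_digest_groups(digests: Dict[str, str]) -> int:
    """Count distinct digest values that more than one user shares."""
    return sum(1 for n in Counter(digests.values()).values() if n > 1)


def compare_schemes(users: Dict[str, str], iterations: int = 600_000):
    """Return (unsalted_groups, salted_groups) for the same user table."""
    unsalted = {u: unsalted_hash(p) for u, p in users.items()}
    salted = {u: make_record(p, iterations=iterations)["hash"] for u, p in users.items()}
    return shared_digest_groups(unsalted), shared_digest_groups(salted)


if __name__ == "__main__":
    print(compare_schemes(USERS))  # (1, 0): duplicates are visible only without a salt
```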