Manual:Hashing
Jump to navigation
Jump to search
Certain fields, parameters and variables are hashed in MediaWiki. All of them use crytographically broken functions such as MD5 and SHA-1. However, only one, user_password, has important security implications, and that field's security is enhanced by means of a password salt.
Database fields
| Table | Field |
|---|---|
| archive | ar_sha1 |
| filearchive | fa_storage_key |
| image | img_sha1 |
| oldimage | oi_sha1 |
| revision | rev_sha1 |
| user | user_password |
Parameters
| Location | Parameter |
|---|---|
| action=edit | md5= |
| fa | sha1= |
| fa | sha1base36= |
| list=allimages | aiprop=sha1 |
| prop=revisions | rvprop=sha1 |
