Manual:Hashing

From SacredWiki
Revision as of 23:39, 27 October 2013 by Schot (talk | contribs) (1 revision)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Certain fields, parameters and variables are hashed in MediaWiki. All of them use crytographically broken functions such as MD5 and SHA-1. However, only one, user_password, has important security implications, and that field's security is enhanced by means of a password salt.

Database fields

Table Field
archive ar_sha1
filearchive fa_storage_key
image img_sha1
oldimage oi_sha1
revision rev_sha1
user user_password

Parameters

Location Parameter
action=edit md5=
fa sha1=
fa sha1base36=
list=allimages aiprop=sha1
prop=revisions rvprop=sha1