Thanks for the code, been really helpful.
However, once the password has been stored in the database, the idea is that people who have access to the database wont be able to read it. It will only be me, but still...
Wouldn't it be easier just to use the sha1 function on its own? And then to store the key as the password in the table. The whole salt thing is quite complicated, and i'm still only getting to grips with the basics.