Re: [WebDNA] Encrypted password issue

This WebDNA talk-list message is from

2009


It keeps the original formatting.
numero = 103201
interpreted = N
texte = Kenneth Grome wrote: > I should be able to login when I encrypt a password with a > seed value in the database, right? > > I must be doing something wrong because I'm not able to > login. I encrypt the password like this when a new user > enters it into the register form: > > [append db=xxx.db]pass=[url][encrypt seed=xxx][pass] > [/encrypt][/url][/append] > > And then I encrypt the pass value from my login form before > using it in my search string like this: > > [search db=xxx.db&eqpassdatarq=[url][encrypt seed=xxx][pass] > [/encrypt][/url]] > > So why does the login fail? > > Sincerely, > Ken Grome [encrypt seed=] uses an algorithm that creates different values for each use.. but can extract the starting values from the different encrypted values. This means however that what your search value is is not what is stored in the database. You can use encrypt without the seed value I think. Alternatively, you could create a search that finds all records that equal the username, then do a showif match after decrypting all the pass values. [search.. findall_usernames] [showif [url][decrypt seed=xxxx][unurl][db_value][/unurl][/decrypt][/url]=[url][pass][/url]] This is the right user. [/showif] [/search] Donovan -- Donovan Brooke WebDNA Software Corporation http://www.webdna.us **[Square Bracket Utopia]** Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Encrypted password issue (John Butler 2009)
  2. Re: [WebDNA] Encrypted password issue (Kenneth Grome 2009)
  3. Re: [WebDNA] Encrypted password issue (Bob Minor 2009)
  4. Re: [WebDNA] Encrypted password issue (Kenneth Grome 2009)
  5. Re: [WebDNA] Encrypted password issue (Donovan Brooke 2009)
  6. Re: [WebDNA] Encrypted password issue (Donovan Brooke 2009)
  7. [WebDNA] Encrypted password issue (Kenneth Grome 2009)
Kenneth Grome wrote: > I should be able to login when I encrypt a password with a > seed value in the database, right? > > I must be doing something wrong because I'm not able to > login. I encrypt the password like this when a new user > enters it into the register form: > > [append db=xxx.db]pass=[url][encrypt seed=xxx][pass] > [/encrypt][/url][/append] > > And then I encrypt the pass value from my login form before > using it in my search string like this: > > [search db=xxx.db&eqpassdatarq=[url][encrypt seed=xxx][pass] > [/encrypt][/url]] > > So why does the login fail? > > Sincerely, > Ken Grome [encrypt seed=] uses an algorithm that creates different values for each use.. but can extract the starting values from the different encrypted values. This means however that what your search value is is not what is stored in the database. You can use encrypt without the seed value I think. Alternatively, you could create a search that finds all records that equal the username, then do a showif match after decrypting all the pass values. [search.. findall_usernames] [showif [url][decrypt seed=xxxx][unurl][db_value][/unurl][/decrypt][/url]=[url][pass][/url]] This is the right user. [/showif] [/search] Donovan -- Donovan Brooke WebDNA Software Corporation http://www.webdna.us **[Square Bracket Utopia]** Donovan Brooke

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Cookies (1999) form data submission gets truncated (1997) Emailer [cart] file names (1997) Upgrading to 4.0 on Windoze 98 (2000) Database Connectivity (1999) Date and Time Analyzer (2000) NT version (1997) Problems getting parameters passed into email. (1997) Stopping bad HTML propagation ? (1997) NT requires capitalized append? (2000) [Sum] function? (1997) docs for WebCatalog2 (1997) serial number generation (1997) New commands in Final candidate (1997) Emailer Set Up (1997) Dummy Credit Card Number for debug? (1997) latest version? (1998) WebCatalog NT (1996) can WC render sites out? (1997) [ShowNext] feature in 2.0 (1997)