|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
October 12th, 1999, 04:15 PM
|
|||
|
|||
|
Hi if I would like to crypt the data input by the users through html FORM and keep it in mySQL database, how would I go about doing this?
Say in my (dbi) script, I have $password = $Form{'passwordinputfromuser'}; # now how can I make this $password encrypted before I INSERT into a table in mySQL?? $encryptedpasword = ??$password??? .... INSERT into $table VALUES ($encryptedpassword) ... ....$sth->finish ... Thanks a lot in advance!
|
|
#2
October 24th, 1999, 12:31 PM
|
|||
|
|||
|
will you be using as a password? One way encryption?
|
|
#3
October 24th, 1999, 05:41 PM
|
|||
|
|||
|
I'm not totally sure about this but apparently MySQL can encrypt it for you.
ENCRYPT('mypass', 'pb') The 'pb' is called a salt that is used to generate the password. It should work URL
|
|
#4
October 24th, 1999, 11:55 PM
|
|||
|
|||
|
Yes I will be using this "password" field as an authentication method when users want to log in, for example, if a user inputs his userID and password, I would have a dbi perl script take the input data, query my user database(mySQL) and check if their userID matches the password, if yes then the database returns, say, their personal info .. etc.
Question to Entity42 about "ENCRYPT('mypass', 'pb')" so I would do sth. like ... $userid = $Form{'userID'}; $userpassword = $ Form{'password'}; INSERT INTO usertable VALUES ('$userID', 'ENCRYPT('$userpassword','pb')'); That would do it? or am I getting it not correctly. Thx.
|
|
#5
October 25th, 1999, 08:39 AM
|
|||
|
|||
|
Sorry I got it wrong. ( I think )
The ENCRYPT function is used with the SELECT statement. Here's how to do it with INSERT: INSERT INTO usertable VALUES ( '$userid', password('mypass')); Hopefully that'll work.
|
|
#6
October 27th, 1999, 06:52 PM
|
|||
|
|||
|
I tried INSERTing a password into mySQL with:
INSERT INTO test VALUES(password('1234')); It works fine. When I do SELECT userpasswd from test; It returned "crypted" characters .. sth. like %dbgatefr&656 Ok now, if I want to read out what exactly the user inputs in as his password (in this case 1234). How do I SELECT from the test table to have mySQL return 1234 instead of returning %dbgatefr&656 (crypted character)... Are we allowed to do that?? Thanks.
|
|
#7
February 19th, 2001, 05:08 PM
|
||||
|
||||
|
Hi!
As far as I understood the manual (at http://www.mysql.com/doc/M/i/Miscel..._functions.html), you are NOT able to retrieve the initial character sequences your users entered. What password('1234') does is calculate a checksum of that. So when users authenticate themselves later, the checksum of their entered pw will match the old checksum you stored and they are ready to be granted access :-)
|
|
#8
February 19th, 2001, 05:25 PM
|
|||
|
|||
|
You guys are going about this the wrong way. You don't want to rely on mysql's encrypt functions. Use perls:
Code:
$password = $form{'inputpass'};
$crypt_pass = crypt($password, $password);
# This encrypts the password, using itself as the salt (it only pay attention to the first 2 letters).
$sth = $dbi->prepare("INSERT INTO table (username, password) VALUES (?,?)");
$sth->execute($username, $crypt_pass);
That will encrypt the password and insert it into the database. You'll never be able to get back the password from the encrypted string, but you can compare what a user inputs to what the encrypted version is: Code:
$password = $form{'inputpass'};
$crypt_pass = crypt($password, $password);
$count = $dbi->do("SELECT * FROM table WHERE username = ".$dbh->quote($username)." AND password = ".$dbh->quote($crypt_pass));
# $count contains the number of items returned (1) or OEO
#if there are no items returned (i.e. the username and/or password are wrong).
|
|
| Viewing: Dev Shed Forums > Programming Languages > Perl Programming > "crypt" data from perl dbi to mySQL |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
