Ok, like I said it has to be CROSSPLATFORM for all!
Macintosh, Windows and Linux
I know that a Text or INI file is bad but this is NOT top security
anyway. Just for the patient to have his/her family members not
'snoop' is all.
Now, Maarten you do bring up a good point as if someone deletes the
ini (text) file, then what? This brings up the question, is there
a safe place on a Win, Mac and Linux system to hold a UPC
(UserPasswordCode) file in? Without a serious issue of someone
deleting the file or 'snooping' through it?
Note: I was going to create an option for the user to have the
choice of either Password protected or not, as there can be more
then one patient in the database. Now with this option, if the
patient says YES to password and if the UPC ini file is deleted,
the program will look for a pasword and if NO UPC ini file it will
warn the user that the UPC file has been deleted or tampered with.
BUT! If the UPC ini file has been deleted, how is the user going to
re-do his/her password if the program has no idea what the original
password was(There is an option to change the password but you have
to have the original password first to change it to a new one)?
Ummmm not good!
Jonathon
----- Original Message ----- From: "Maarten de Vries"
<[EMAIL PROTECTED]>
To: "REALbasic NUG" <[email protected]>
Sent: Tuesday, May 02, 2006 10:47 AM
Subject: Re: PASSWORD PROTECTED data in Text file saved how?
I don't wan't to spoil everything, but if it's so important to keep
the user
data safe, I wouldn't store it in an ini file. It could be deleted,
then the
user can't login anymore or it can be altered. If you know it's
encoded with
MD5, you can just make youre own new password by encoding that new
password
with MD5 and pasting it in the ini. Or if you don't know that you
can still
mess the ini up so that it won't work for the user anymore. An ini
file is
just not safe, and not a good place to save a password.
I suggest you save it in the registry, although that's not hacker-
proof
either.
Maarten
On 02/05/06, Jonathon Bevar <[EMAIL PROTECTED]> wrote:
Joe,
Thanks for the answer to question one.
"(I'm assuming that you have gone through the tutorials that come
with RB,
and mastered the basics of reading and writing files, designing
windows
and
menus, etc.)" Now as for reading the LR, umm well kinda-sorta read
it. I
mostly read it when I need to, so I did read about the MD5, but
not to the
point as doing anything without a little help. I learn best by
having
someone show me a simple code then letting me work on it and
playing with
it
to understand HOW and WHY it works.
"Using TextInputStream as usual. Remember that you can't undo
this MD5
hash; you just read it in, and then compare it to the MD5 of
whatever the
user enters for a password to see if it matches." Ok here is where a
little
simple code will help me out most.
We (I) have this:
// Write User/Password Code to text file
Dim strout As TextOutputStream
Dim f As FolderItem
f = GetFolderItem("").Child("PatientLog_UPC.ini")
if f <> Nil then
strout = f.CreateTextFile
strout.WriteLine userName.text
strout.WriteLine MD5( userPassword.text )
strout.Close
end if
MsgBox("The User's Name and Password has been saved. Please press
'OK' to
continue...")
Self.Close
// Read User/Password Code from text file
Dim strin As TextInputStream
Dim f As FolderItem
f = GetFolderItem("").Child("PatientLog_UPC.ini")
If r.exists then
if f <> Nil then
strin = f.OpenAsTextFile
userName.text = strin.ReadLine
userPassword.text = strin.ReadLine
strin.Close
end if
End if
Ok, now what do I do?
Jonathon
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: "REALbasic NUG" <[email protected]>
Sent: Monday, May 01, 2006 10:07 PM
Subject: Re: PASSWORD PROTECTED data in Text file saved how?
> On May 02, 2006, at 01:19 UTC, Jonathon Bevar wrote:
>
>> Ok, tell me this about the line of code:
>>
>> myOutputStream.WriteLine MD5( thePassword )
>>
>> thePassword? Is this the Editfield text, like this -
thePassword.text?
>
> Yes, or whatever variable or property you've previously stored the
> password in.
>
>> Now, we got the writing TO the text file, now how do I read
FROM it?
>
> Using TextInputStream as usual. Remember that you can't undo
this MD5
> hash; you just read it in, and then compare it to the MD5 of
whatever
the
> user enters for a password to see if it matches.
>
> (I'm assuming that you have gone through the tutorials that come
with
RB,
> and mastered the basics of reading and writing files, designing
windows
> and menus, etc.)
>
> Best,
> - Joe
>
> --
> Joe Strout -- [EMAIL PROTECTED]
> Available for custom REALbasic programming or instruction.
>
> _______________________________________________
> Unsubscribe or switch delivery mode:
> <http://www.realsoftware.com/support/listmanager/>
>
> Search the archives of this list here:
> <http://support.realsoftware.com/listarchives/lists.html>
>
>
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.385 / Virus Database: 268.5.1/327 - Release Date:
4/28/2006
>
>
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.5.1/327 - Release Date:
4/28/2006
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives of this list here:
<http://support.realsoftware.com/listarchives/lists.html>
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives of this list here:
<http://support.realsoftware.com/listarchives/lists.html>
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.5.1/328 - Release Date:
5/1/2006
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.5.1/328 - Release Date:
5/1/2006
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives of this list here:
<http://support.realsoftware.com/listarchives/lists.html>
