Mattias, I think I understand. If it's apache that checks the
passwords in use, then my function won't help.
You could use the htpasswd command in a hell call to encrypt the
passwords, perhaps:
http://httpd.apache.org/docs/2.0/programs/htpasswd.html
Best,
Mark
On 29 Oct 2008, at 15:07, [EMAIL PROTECTED] wrote:
Hi Mark,
maybe i was not clear enough.
I want to create and encrypt passwords with rev, which then can be
used for http authentication on a webserver.
I want my rev app to create a folder on the webserver, create
passwords,encrypt them, create the .httaccess and the .htpassword
file and upload them to the newly created folder.
My rev app is already doing so, with one exception: I am using a
php file on the webserver to encrypt the passwords. I am using the
following code to get the encrypted password into rev.
put URL ("http://...../passwdcreate.php?pass="; & sPassword) into
sOutput
if line 1 of sOutput is "Password created"
then
put line 2 of sOutput into sEncryptedPassword
and so on
My PHP code is like this
<?php
// Passwort setzen
echo "Password created";
echo"<br>" ;
echo crypt($pass , 'sa');
?>
Regards,
Matthias
-------- Original Message --------
Subject: Re: Re-2: des encryption with rev for .htaccess password
(29-Okt-2008 12:43)
From: Mark Smith <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Mattias, there's a fairly clear description of how to use md5 one-way
encryption here:
http://www.pixel2life.com/publish/tutorials/118/
understanding_md5_password_encryption/
This would be very easy to do in Revolution.
A function might look like:
function md5crypt pPassword
local tSalt = "h7%sz0jd63hK0db2$_=97&8!W`?&h%fg" -- just a string
of bytes
return md5digest(pPassword & tSalt)
end md5crypt
so when your users first choose their password, you run it through
the md5crypt function, and store the output, and then, when you need
to check their password when they log in, you run the password they
give through the function and compare the output to the stored
(encrypted) password.
Hope this helps,
Mark
On 29 Oct 2008, at 09:58, [EMAIL PROTECTED] wrote:
Hi Mark,
i have to admit, that i am not very familiar with php and its
encryption.
This is what i found at php.net about crypt. PHP uses a random key
if none is provided.
--
crypt() will return an encrypted string using the standard Unix DES-
based encryption algorithm or alternative algorithms that may be
available on the system.
Some operating systems support more than one type of encryption. In
fact, sometimes the standard DES-based encryption is replaced by an
MD5-based encryption algorithm. The encryption type is triggered by
the salt argument. At install time, PHP determines the capabilities
of the crypt function and will accept salts for other encryption
types. If no salt is provided, PHP will auto-generate a standard
two character salt by default, unless the default encryption type
on the system is MD5, in which case a random MD5-compatible salt is
generated. PHP sets a constant named CRYPT_SALT_LENGTH which tells
you whether a regular two character salt applies to your system or
the longer twelve character salt is applicable.
The standard DES-based encryption crypt() returns the salt as the
first two characters of the output. It also only uses the first
eight characters of str , so longer strings that start with the
same eight characters will generate the same result (when the same
salt is used).
--
Regards,
Matthias
-------- Original Message --------
Subject: Re: des encryption with rev for .htaccess password (28-
Okt-2008 17:21)
From: Mark Smith <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Matthias, how does the PHP encryption work? Is it using some
internally maintained key (password)?
If so, I'm sure this would be possible in Rev.
Best,
Mark
On 28 Oct 2008, at 14:03, [EMAIL PROTECTED] wrote:
Hi,
does no one know, if this is possible with revolution?
Regards,
Matthias
-------- Original Message --------
Subject: des encryption with rev for .htaccess password (27-
Okt-2008 21:41)
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Hi,
i am working on an app, which creates .htaccess and .htpassword
files for
folder/file protection on a linux webserver.
For this i have to encrypt passwords with standard php
encryption.
At the
moment i am
using a php script, which encrypts the password for me. But i
want
to do
the encryption with rev, if possible.
Does anyone know, if this is possible with Revolution? I
looked at
the
encrypt command, but it seems,
that i need to provide not only the password i want to encrypt,
but also a "
password" which is used for encryption.
Could anyone help?
Regards,
Matthias
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
To: [email protected]
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
To: [email protected]
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
To: [email protected]
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
