With v4, the engine now uses a more secure method to secure scripts, but in my testing it has also removed any way to determine when a stack is password-protected without using "try".

In versions prior to v4, you could do this:

   if the password <> the passkey then ...

The password and passkey returned an encrypted string which, while meaningless to the human reader, would at least allow comparisons of the password and passkey to determine if the passkey had been set in the current session, or if there is no password at all.

In v4 and later, asking for the password or passkey returns simply "true", which might be sufficient but here's the rub:

If you start a new session with a locked stack, asking for the password will return "true", which is correct, but asking for the passkey will also return "true", which is incorrect, since no passkey has yet been entered.

I would expect that asking for the passkey of a stack that has a password would return "false" until a passkey has been entered in the current session.


I discovered this with stacks in which the password had been set in a previous version, but I just confirmed it in v4 using this recipe:

1. Make a new stack
2. Set the stack's password
3. Run this in the Message Box:

   put the password of this stack && the passkey of this stack

You'll get "true true", which is appropriate because the stack's password was set in this current session and therefore its script is available.

So now continue this test:

4. Save your stack and quit
5. Re-launch Rev, and re-open the stack
6. Run that command again in the Message Box

RESULT: "true true", which seems inappropriate because the passkey has not been set and the stack's script cannot be accessed until it has.


So this leads me to two questions:

1. Can anyone here spare a moment to confirm this behavior, and does it seem inappropriate to you?

2. What method exists in v4.x to determine if a stack has its password set but no passkey has been entered?

TIA -

--
 Richard Gaskin
 Fourth World
 Rev training and consulting: http://www.fourthworld.com
 Webzine for Rev developers: http://www.revjournal.com
 revJournal blog: http://revjournal.com/blog.irv
_______________________________________________
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
