1
eDwerD
heres a good one for ya..
  • 2005/2/12 19:07

  • eDwerD

  • Just popping in

  • Posts: 23

  • Since: 2004/3/17


i got a lil bored yesterday and thought of something interesting.. i figured i'd try and connect to my database from visual basic.. it was simple enough to do.. then i thought hmmm.. i wonder if i could attempt to authenticate a user name and password from an exe file like this.. in a sence making a program interface for my website. (but not as elaborate as xoops) i know that would take ALOT of time to code, let alone all of the bugs i'd run across.. but theres one problem that caught my attention.. the password stored in the db.. i believe its encrypted, but im not exactly sure how XOOPS encrypts it.. if anyone would like to help with this issue, and or the project as a whole, let me know.. ive got pretty much nothing but time on my hands, many years of vb, and a few years hosting small scale websites like the ones i use with xoops.


just thought i'd get someone thinking

2
Mithrandir
Re: heres a good one for ya..

XOOPS encrypts the passwords in the database with a standard md5 algorithm that is part of the PHP platform. I'm quite sure there is a similar in C#/VB

3
eDwerD
Re: heres a good one for ya..
  • 2005/2/12 19:34

  • eDwerD

  • Just popping in

  • Posts: 23

  • Since: 2004/3/17


thats for the info, im going to research it now!

4
Dave_L
Re: heres a good one for ya..
  • 2005/2/12 21:07

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


If VB doesn't have an MD5 function, you could do it with the MySQL MD5 function:

This query will return only return the row if $password is the correct password:

SELECT FROM xoops_users WHERE uname='$uname' AND pass=MD5('$password')


The drawback to this method is that the password is sent in cleartext to the MySQL server, and also might appear in log files, or displayed on the screen if an error occurs.

5
eDwerD
Re: heres a good one for ya..
  • 2005/2/28 19:21

  • eDwerD

  • Just popping in

  • Posts: 23

  • Since: 2004/3/17


yea ive ran into a few issues with the login.. seems theres a few ways of goin about it, but they arent all that secure.. i guess this is somethin ima have to put alot of time into.

Login

Who's Online

180 user(s) are online (85 user(s) are browsing Support Forums)


Members: 0


Guests: 180


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Oct 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits