Validating md5 password in perl?

Computing.Net > Forums > Programming > Validating md5 password in perl?

Validating md5 password in perl?

Original Message

Name: Naveen
Date: April 30, 2005 at 01:02:48 Pacific
Subject: Validating md5 password in perl?
OS: Win xp
CPU/Ram: p4 512

Comment:

hi all,
A perl code that wont work.When i'm typing the username and password in an html page-- which is being validated with mysql, i'm being shown "Username or Password Incorrect!" which should not be the case. Instead i shud get a "Thank You" message. A couple of guys told me to include a code to md5 the password i'm entering in the textbox, and then match it with the encrypted password (which also has to be fetched using some particular code). Only then i'll be able to authenticate.
And i dont have access to MYsql client on a terminal window. i can access it through a web interface. I can see the table structure there which shows the passwords as encrypted.
My code looks as follows --
#!/usr/bin/perl
use CGI;
use CGI::Carp qw/fatalsToBrowser warningsToBrowser/;
use DBI;
my $query = new CGI;
print $query->header();
warningsToBrowser(1);
#print $query->start_html(-title=>'LOGIN PAGE');
$db="database";
$host="host";
$user="user";
$password=pwd;
if(($query->request_method() eq "POST") && ($query->param("user") ne '') && ($query->param("password") ne ''))
{
$chkuser=$query->param("user");
$chkpassword=$query->param("password");
$dbh = DBI->connect("DBI:mysql:database=$db:host=$host", $user, $password) or die "Can't connect to database:$DBI::errstr\n";
$qry = $dbh->prepare("SELECT emp_name, password FROM new_user where emp_name=$chkuser");
$qry->execute;
@row=$qry->fetchrow_array;
$name=$row[0];
$password=$row[1];
if ($chkuser eq $name && $chkpassword eq $password)
{
print "
Thank You!
";
$dbh->disconnect;
print $query->end_html();
}
else
{
print "<HEAD> Username or Password Incorrect!</HEAD>";
print "Please Try Again";
$dbh->disconnect;
print $query->end_html();
}
}
else
{
#print "Content-type: text/html\n\n";
#print <<EOF;
print "<HTML>";
print "<BODY>";
print "<FORM METHOD='POST' ACTION='login_main.pl'>";
print "
Username:</p>";
print "<input type='text' name='user'>
";
print "
Password:</p>";
print "<input type='password' name='password'>
";
print "<input type='submit' value='submit'>
";
print "</FORM>";
print "</BODY>";
print "</HTML>";
#EOF
#print $query->end_html();
}
If anyone could help me out of this one..it would be great
Thank You
naveen

Report Offensive Message For Removal

Response Number 1

Name: Wolfbone
Date: April 30, 2005 at 05:02:04 Pacific

Reply: (edit)

If the passwords have been md5 hashed (not encrypted) before being placed in the records then obviously they won't match the text passwords. You can either put a note on the web page form asking the users to calculate the md5sum of their passwords and enter that in the password field ;-) or write code to compare the db entry against an md5sum of what the user enters in the password field. If you have access to a *nix system, 'man Digest::MD5'

Report Offensive Follow Up For Removal

Response Number 2

Name: FishMonger
Date: April 30, 2005 at 09:16:20 Pacific

Reply: (edit)

See my post in the other thread of yours reguarding this issue.

Report Offensive Follow Up For Removal


How to write html code in perl? How to display next page in perl? Username and Password in cmd Batch file in perl How to put a password in a folder?	Batch program in Perl needed searching dir in perl Password in connection string on VB splitting up mail spools in perl How do I do passwords in VB.

java file data stamp

Shared memory in C

Use following form to reply to current message:

Name: From My Computing.Net Settings E-Mail: From My Computing.Net Settings Subject: Validating md5 password in perl?

Comments:

  Homepage URL (*): 
Homepage Title (*): 
         Image URL:

Have you ever used OpenOffice?

Poll Finishes In 5 Days.
Discuss in The Lounge

Dos on disk-on-module

IE & Firefox showing old website

Delgated authentication

net searching

Multiple Wireless Routers

All Posts Awaiting Replies