########################### # use mapps; # # CREATE TABLE users ( # auid int(10) unsigned NOT NULL auto_increment, # auname varchar(30) default NULL, # PRIMARY KEY (auid) # ) TYPE=MyISAM; # # CREATE TABLE secrets ( # auid int(10) unsigned NOT NULL auto_increment, # passwd char(40) NOT NULL default '', # salt int(11) NOT NULL default '0', # PRIMARY KEY (auid) # ) TYPE=MyISAM DEFAULT; ########################## package Mapps::Auth; use Exporter; use Digest::SHA1; use DBI; use warnings; use strict; use vars qw($VERSION @ISA @EXPORT); our $VERSION = 1.00; our @ISA = qw(Exporter); our @EXPORT = qw(&new &auth); sub new { my $class = shift; my $self = {}; return bless $self, $class; } sub auth { my ($self, $dbh1); my $uname = shift; my $passwd = shift; my ($dbsecret, $salt, $uid); $dbh1 = DBI->connect('dbi:mysql:itiv', 'lwriter', '**I can't tell +you!') or die "Couldn't connect: $dbh1->errstr"; # get secret from db my $statement="SELECT admin_users.auid, auname, passwd, salt FROM admin_users, secrets WHERE admin_users.auid=secrets.auid AND auname='$uname';"; my $sth = $dbh1->prepare($statement) or die "Couldn't prepare stat +ement: ".$dbh1->errstr; $sth->execute or die "Couldn't execute statement: ".$dbh1->errstr; while (my $ref = $sth->fetchrow_hashref){ $dbsecret = $ref->{'passwd'}; $salt = $ref->{'salt'}; $uid = $ref->{'auid'}; } # encrypts password using # SHA-1 algorithm my $sha1 = Digest::SHA1->new; # reset algorithm $sha1->hexdigest; # encrypt my $secret = Digest::SHA1::sha1_hex($passwd . $salt); #die "$uid, $dbsecret, $secret, $salt "; # does generated secret match database secret? if ($secret eq $dbsecret){ return (1, $uid); } return (0, $uid); } 1;
Neil Watson
watson-wilson.ca
In reply to Re^3: What *are* the best ways to encrypt data?
by neilwatson
in thread What *are* the best ways to encrypt data?
by bradcathey
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |