1. #51
    Sencha User Gunmen's Avatar
    Join Date
    Jul 2007
    Posts
    305
    Vote Rating
    0
    Gunmen is on a distinguished road

      0  

    Default


    I have read the complete thread and understand that you can create with this function an encrypted or hashed version of a given password and or username.

    What I don't understand so far is how I can use this in connection with the server? How do I check the password provided (user input) and saved (database)?

    Thansk!

  2. #52
    Sencha User
    Join Date
    Oct 2007
    Location
    Berlin, Germany
    Posts
    889
    Vote Rating
    9
    wm003 will become famous soon enough

      0  

    Default


    Quote Originally Posted by Gunmen View Post

    What I don't understand so far is how I can use this in connection with the server? How do I check the password provided (user input) and saved (database)?

    Thansk!
    You only submit the hash to the server. On the server side you check the database (which should also have the hashed password instead of the real one) to match the given hash.

    for additional security i suggest hashing the pw-hash again together with a random salt (e.g. session-based, which the server also knows).

    Use this on the server side aswell to check, if the hashes matches. This way the submitted hash is always different on every request, but the pw hashes are always the same.


    Quick PHP Example:

    PHP Code:
    session_start();
    if (!isset(
    $_SESSION["salt"])) {
        
    $_SESSION["salt"] = uniqid (rand());
    }

    //generate javascript version of the salt
    echo "var salt='".$_SESSION["salt"]."';";

    $user_id $_GET["userid"];
    $pwhash $_GET["pw"]; 
    on submit of the js-form you generate

    PHP Code:
    var hash2submit Ext.util.MD5(Ext.util.MD5(password)+salt); 

    then check your database

    PHP Code:
    select passhash from usertable where user_id '$user_id'

    //passhash has the password stored as plain MD5 Hash (MD5(password))
    ...
    if (
    MD5($passhash.$_SESSION["salt"])!=$hash2submit) {
     die(
    "wrong login");

    ...

  3. #53
    Sencha User Gunmen's Avatar
    Join Date
    Jul 2007
    Posts
    305
    Vote Rating
    0
    Gunmen is on a distinguished road

      0  

    Default


    Thank you wm003, for your example. I'm going to try this soon.

  4. #54
    Sencha User
    Join Date
    Apr 2013
    Posts
    1
    Vote Rating
    0
    dontako is on a distinguished road

      0  

    Default


    Hi, I'm triyng to compile my app with sencha cmd and I'm getting this error:

    Code:
    [ERR] C2008: Requirement had no matching files (Ext.util.MD5) -- C:\wamp\www\myapp\app.js:2768
    [ERR] The following error occurred while executing this line:
    C:\wamp\www\myapp\.sencha\app\build-impl.xml:165: The following error occur
    red while executing this line:
    C:\wamp\www\myapp\.sencha\app\build-impl.xml:158: com.sencha.exceptions.ExS
    cript: Wrapped com.sencha.exceptions.ExBuild: Failed to find any files for C:\wa
    mp\www\myapp\app.js::ClassRequire::Ext.util.MD5 (x-app-build#290)
       runAppBuild (x-app-build:290)
       [anonymous] (x-app-build:566)
       x_app_build (x-app-build:564)
       <script> (anonymous:1)
    Thank You

  5. #55
    Sencha User
    Join Date
    Aug 2014
    Posts
    1
    Vote Rating
    0
    intre is on a distinguished road

      0  

    Default


    How do i include that?

Turkiyenin en sevilen filmlerinin yer aldigi xnxx internet sitemiz olan ve porn sex tarzi bir site olan mobil porno izle sitemiz gercekten dillere destan bir durumda herkesin sevdigi bir site olarak tarihe gececege benziyor. Sitenin en belirgin ozelliklerinden birisi de Turkiyede gercekten kaliteli ve muntazam, duzenli porno izle siteleri olmamasidir. Bu yuzden iste. Ayrica en net goruntu kalitesine sahip adresinde yayinlanmaktadir. Mesela diğer sitelerimizden bahsedecek olursak, en iyi hd porno video arşivine sahip bir siteyiz. "The Best anal porn videos and slut anus, big asses movies set..."