火曜日, 11月 25, 2008

PHP: Encrypting the Passwords

Nowadays, you need passwords everywhere, to access to blog admin page, to view member-only BBS, to read articles only available to the selected few, etc. All those sites require passwords. The passwords should be secured at a safe place and they should be safely protected -- encrypted. In PHP, crypt function does the work. It encrypts in a pattern that can be set by another secret keyword.

 
crypt($password,"ea")


Here the secret seed of this encryption is "ea" (happens to be my initials). This is a one way ticket to the password protected world -- there is no way to reverse the encryption unless you decipher the mechanism of PHP's encryption. In the real world checking of passwords, simply compare the resulting mysterious bunch of digits and letters with with the passwords that you would like to check -- with the encrypted ones, with the same secret seed.


strcmp(crypt($entered_password,"ea"),$password_stored_somewhere)==0


Notice that the string comparison is done with strcmp -- it is PHP's ancient trap. Never compare strings with == operator. PHP's inherent conversion machine might convert the string to some integer (or to any type) before doing the comparison.

Qt: 外部プログラムを起動する

  Qt/C++ のアプリは、外部へ直接アクセスできます。これはネットアプリでは不可能な Qt のメリットです。 外部プログラムを起動することもできます。QProcess::startDetached() を使うと独立したプロセスを立ち上げることができます。 この QProces...