SALT description - Web Wiz Support and Community Forums

The username field can be copied straight over.

The user code field can be any unique value you want. (something not easy to guess would be best)

The salt and encrypted passwords are done by functions in the file function/function_hash1way.asp

Call the function getSalt(7), '7' being the length of the generated salt value.

Store the salt value in the database.

Then place the salt value on the end of the password and using the HashEncode() pass it your password with the salt value added to get your encrypted password.

Web Wiz Forums Hosting
ASP.NET Web Hosting

ok i created a code to convert my existing DB to new format like wwforum.mdb

here it is.

wrote:

<% @ Language=VBScript %>

<%

strDatabaseDateFunction = "Now()"

Set adoCon = Server.CreateObject("ADODB.Connection")
strDbPathAndName = Server.MapPath("admin/database/login.mdb")
strCon = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & strDbPathAndName
adoCon.connectionstring = strCon
adoCon.Open

query = "SELECT TOP 10 * FROM tblAuthor"

Set rsLogin = Server.CreateObject("ADODB.Recordset")
rsLogin.CursorType = 0
rsLogin.CursorLocation = 2
rsLogin.LockType = 1
rsLogin.Open query, adoCon

%>

<%

'******************************************
'*** Create Usercode *****
'******************************************

Private Function userCode(ByVal strUsername)

'Randomise the system timer
Randomize Timer

'Calculate a code for the user
strUserCode = strUsername & hexValue(15)

'Make the usercode SQL safe
strUserCode = formatSQLInput(strUserCode)

'Replace double quote with single in this intance
strUserCode = Replace(strUserCode, "''", "'", 1, -1, 1)

'Return the function
userCode = strUserCode
End Function

%>
<style type="text/css">

</style>

<table border=1 width=50%>
<tr align="center">
<td>
 Username
 </td>
<td>
 Usercode
 </td>
<td>
 Password
 </td>
<td>
 prev. Password
 
</td>
<td>
 Salt
 </td>
</tr>

<% while not rsLogin.eof %>

<%

Dim strUsername
Dim strPassword
Dim strSalt

strUsername = rsLogin("Username")
strPassword = rsLogin("Password")
'strSalt = rsLogin("Salt")

'******************************************
'*** Create a usercode ***
'******************************************

'Calculate a code for the user
strUserCode = userCode(strUsername)

'******************************************
'*** Encrypt password ***
'******************************************

strSalt = getSalt(Len(strPassword))

'Concatenate salt value to the password
strEncryptedPassword = strPassword & strSalt

'Encrypt the password
strEncryptedPassword = HashEncode(strEncryptedPassword)

'******************************************
'***       Create usercode cookie ***
'******************************************

    'Write the cookie with the name Forum containing the value UserID number
  Response.Cookies(strCookieName)("UID") = strUserCode

'Set the expiry date for 1 year (365 days)
'If no expiry date is set the cookie is deleted from the users system 20 minutes after they leave the forum
Response.Cookies(strCookieName).Expires = Now() + 365

%>

</table>

<%
 rsLogin.Close
 Set rsLogin = Nothing
 adoCon.Close
 Set adoCon = Nothing
%>

The result is:

Username	Usercode	Password	prev. Password	Salt
llima	llimaE2Z21CA43BDB442	72780F0C4EECE6B3CDCC586A2205096B90FDADE7	llima	AFE38
palmeida	palmeidaZZ6E434C16DA1C9	14EB10BA6A949DC82FE36C6DBFE5531DBA9B9C27	2799	899C
nsousa	nsousa7EZ9CAF5893Z9A7	818F23F25051974CE0DE563127C4B8767EBB2732	nsousa	AE4A30
nlopes	nlopesE8DFBF3BBZ4B5C4	E78A0470CF3C1445BD24578B95BAA56ABF658119	nlopes	F3AF23
olivcapt	olivcapt2126DD79FZEE168	1FAEE817E

cbr600 Members Profile Find Members Posts Groupie Joined: 05 October 2003 Location: Portugal Status: Offline Points: 89	Post Options Post Reply Quote cbr600 Report Post Thanks(0) Quote Reply Posted: 17 August 2004 at 8:59am
	hi Borg: i'm desperate with this problem because all my site development is stalled because of this. Can you give me any hint? Thanks in advance

ljamal Members Profile Find Members Posts Mod Builder Group Joined: 16 April 2003 Status: Offline Points: 888	Post Options Post Reply Quote ljamal Report Post Thanks(0) Quote Reply Posted: 17 August 2004 at 4:25pm
	Is the new added user active?
	L. Jamal Walton L. Jamal Inc : Web/ Print Design and ASP Programming

WebWiz-Bruce Members Profile Find Members Posts Admin Group Web Wiz Developer Joined: 03 September 2001 Location: Bournemouth Status: Offline Points: 9844	Post Options Post Reply Quote WebWiz-Bruce Report Post Thanks(0) Quote Reply Posted: 17 August 2004 at 4:37pm
	The new users with all their details are being entered into the forum database? Also each time a user logs in their Usercode is changed, so running two databases of member details will not work. Edited by -boRg-
	Web Wiz Forums Hosting ASP.NET Web Hosting

cbr600 Members Profile Find Members Posts Groupie Joined: 05 October 2003 Location: Portugal Status: Offline Points: 89	Post Options Post Reply Quote cbr600 Report Post Thanks(0) Quote Reply Posted: 18 August 2004 at 9:42am
	i figured out what was the error. I was selecting an extra space character from the displayed table. Glad i found that stupid mistake, 'cos i was going nuts. Thanks again borg. If anyone wants a script to merge their existing user DB to a WWForum DB, PM me and ill send you exacly what to do.

Post Reply	Page <12

Forum Jump

Forum Permissions View Drop Down

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot delete your posts in this forum
You cannot edit your posts in this forum
You cannot create polls in this forum
You cannot vote in polls in this forum