Search Results

Search found 12796 results on 512 pages for 'password hash'.

Page 15/512 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • Missing Password check

    - by AAA
    I am using the code below, it checks for empty fields and verifies email, but even if the password is correct it won't login. the password has been inserted with md5 protection, below is the code. I am new to this so please bare with me. Thanks! PHP: session_start(); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $email = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM accounts WHERE email = '$email'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: home.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['email'] | !$_POST['password']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM accounts WHERE email = '".$_POST['email']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['password'] = stripslashes($_POST['password']); $info['password'] = stripslashes($info['password']); $_POST['password'] = md5($_POST['password']); //gives error if the password is wrong if ($_POST['password'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['email'] = stripslashes($_POST['email']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['email'], $hour); setcookie(Key_my_site, $_POST['password'], $hour); //then redirect them to the members area header("Location: home.php"); } } } else { // if they are not logged in <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>email:</td><td> <input type="text" name="email" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="password" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> } Here is the registration code: PHP: // here we encrypt the password and add slashes if needed $_POST['password'] = md5($_POST['password']); if (!get_magic_quotes_gpc()) { $_POST['password'] = mysql_escape_string($_POST['password']); $_POST['email'] = mysql_escape_string($_POST['email']); $_POST['full_name'] = mysql_escape_string($_POST['full_name']); $_POST['user_url'] = mysql_escape_string($_POST['user_url']); } // now we insert it into the database $insert = "INSERT INTO accounts (Uniquer, Full_name, Email, Password, User_url) VALUES ('".$uniquer."','".$_POST['full_name']."', '".$_POST['email']."','".$_POST['password']."', '".$_POST['user_url']."')"; $add_member = mysql_query($insert); After using ini_set function i got to see the error, i am getting this message but not sure what it means: Notice: Undefined index: password in /var/www/domain.com/htdocs/login.php on line 103 Notice: Use of undefined constant password - assumed 'password' in /var/www/domain.com/htdocs/login.php on line 11

    Read the article

  • Authlogic and password and password confirmation attributes - inaccessible?

    - by adam
    Im trying to test my successfully creates a new user after login (using authlogic). Ive added a couple of new fields to the user so just want to make sure that the user is saved properly. The problem is despite creating a valid user factory, whenever i try to grab its attributes to post to the create method, password and password confirmation are being ommitted. I presuem this is a security method that authlogic performs in the background. This results in validations failing and the test failing. Im wondering how do i get round this problem? I could just type the attributes out by hand but that doesnt seem very dry. context "on POST to :create" do context "on posting a valid user" do setup do @user = Factory.build(:user) post :create, :user => @user.attributes end should "be valid" do assert @user.valid? end should_redirect_to("users sentences index page") { sentences_path() } should "add user to the db" do assert User.find_by_username(@user.username) end end ##User factory Factory.define :user do |f| f.username {Factory.next(:username) } f.email { Factory.next(:email)} f.password_confirmation "password" f.password "password" f.native_language {|nl| nl.association(:language)} f.second_language {|nl| nl.association(:language)} end

    Read the article

  • ruby hash problem

    - by sameera207
    HI All I have the following hash {:charge_payable_response={:return="700", :ns2="http://ws.myws.com/"}} How can i get the value of the key :return (700) thanks in advance cheers sameera

    Read the article

  • Using Base SAS to validate Windows Password

    - by Bazil
    We have a signon script that requires a Windows password in order to access and validate against the SAS metadata server. The problem is that if the windows password is changed, and the script is run a few without being updated, then the user gets locked out and has to call IT support for a password reset. What is the simplest way of using Base SAS to validate a windows password? ie to enable a warning to the user if the password provided is not valid... EDIT: The concern is not whether or not this SHOULD be done, only HOW it could be done!

    Read the article

  • mySQL database password change now crashes Joomla.

    - by casim
    I have a mySQL database behind a Joomla install. I changed the database password because I forgot it but now Joomla crashes looking for the database. I guess joomla has the password written somewhere - if anyone knows I might be able to manual edit it and enter the new database password. Otherwise I'm hoping a manual install of a backup of the original database will work. I need to know does a backup include the database password. If yes, will reinstating my original database solve the problem for me by reverting the system back to it's original password? Please help. thx, s.

    Read the article

  • How do I delete a [sub]hash based off of the keys/values of another hash?

    - by Zack
    Lets assume I have two hashes. One of them contains a set of data that only needs to keep things that show up in the other hash. e.g. my %hash1 = ( test1 => { inner1 => { more => "alpha", evenmore => "beta" } }, test2 => { inner2 => { more => "charlie", somethingelse => "delta" } }, test3 => { inner9999 => { ohlookmore => "golf", somethingelse => "foxtrot" } } ); my %hash2 = ( major=> { test2 => "inner2", test3 => "inner3" } ); What I would like to do, is to delete the whole subhash in hash1 if it does not exist as a key/value in hash2{major}, preferably without modules. The information contained in "innerX" does not matter, it merely must be left alone (unless the subhash is to be deleted then it can go away). In the example above after this operation is preformed hash1 would look like: my %hash1 = ( test2 => { inner2 => { more => "charlie", somethingelse => "delta" } }, ); It deletes hash1{test1} and hash1{test3} because they don't match anything in hash2. Here's what I've currently tried, but it doesn't work. Nor is it probably the safest thing to do since I'm looping over the hash while trying to delete from it. However I'm deleting at the each which should be okay? This was my attempt at doing this, however perl complains about: Can't use string ("inner1") as a HASH ref while "strict refs" in use at while(my ($test, $inner) = each %hash1) { if(exists $hash2{major}{$test}{$inner}) { print "$test($inner) is in exists.\n"; } else { print "Looks like $test($inner) does not exist, REMOVING.\n"; #not to sure if $inner is needed to remove the whole entry delete ($hash1{$test}{$inner}); } }

    Read the article

  • Perl, creating a hash of hashes.

    - by Mike
    Based on my current understanding of hashes in Perl, I would expect this code to print "hello world." It instead prints nothing. %a=(); %b=(); $b{str} = "hello"; $a{1}=%b; $b=(); $b{str} = "world"; $a{2}=%b; print "$a{1}{str} $a{2}{str}"; I assume that a hash is just like an array, so why can't I make a hash contain another?

    Read the article

  • Ruby method Array#<< not updating the array in hash

    - by Mladen Jablanovic
    Inspired by http://stackoverflow.com/questions/2552363/how-can-i-marshal-a-hash-with-arrays I wonder what's the reason that Array#<< won't work properly in the following code: h = Hash.new{Array.new} #=> {} h[0] #=> [] h[0] << 'a' #=> ["a"] h[0] #=> [] # why?! h[0] += ['a'] #=> ["a"] h[0] #=> ["a"] # as expected Does it have to do with the fact that << changes the array in-place, while Array#+ creates a new instance?

    Read the article

  • Flattening hash into string in Ruby

    - by fahadsadah
    Is there a way to flatten a hash into a string, with optional delimiters between keys and values, and key/value pairs? For example, print {:a => :b, :c => :d}.flatten('=','&') should print a=b&c=d I wrote some code to do this, but I was wondering if there was a neater way: class Hash def flatten(keyvaldelimiter, entrydelimiter) string = "" self.each do |key, value| key = "#{entrydelimiter}#{key}" if string != "" #nasty hack string += "#{key}#{keyvaldelimiter}#{value}" end return string end end print {:a => :b, :c => :d}.flatten('=','&') #=> 'c=d&a=b' Thanks

    Read the article

  • Perl, get all hash values

    - by Mike
    Let's say in Perl I have a list of hash references, and each is required to contain a certain field, let's say foo. I want to create a list that contains all the mappings of foo. If there is a hash that does not contain foo the process should fail. @hash_list = ( {foo=>1}, {foo=>2} ); my @list = (); foreach my $item (@hash_list) { push(@list,$item->{foo}); } #list should be (1,2); Is there a more concise way of doing this in Perl?

    Read the article

  • Ruby: merge two hash as one and with value connected

    - by scalalala
    Hi guys: 2 hash: h1 = { "s1" => "2009-7-27", "s2" => "2010-3-6", "s3" => "2009-7-27" } h2 = { "s1" => "12:29:15", "s2" => "10:00:17", "s3" => "12:25:52" } I want to merge the two hash as one like this: h = { "s1" => "2009-7-27 12:29:15", "s2" => "2010-3-6 10:00:17", "s3" => "2009-7-27 2:25:52" } what is the best way to do this? thanks!

    Read the article

  • Can I get all active directory passwords in clear text using reversible encryption?

    - by christian123
    EDIT: Can anybody actually answer the question? Thanks, I don't need no audit trail, I WILL know all the passwords and users can't change them and I will continue to do so. This is not for hacking! We recently migrated away from a old and rusty Linux/Samba domain to an active directory. We had a custom little interface to manage accounts there. It always stored the passwords of all users and all service accounts in cleartext in a secure location (Of course, many of you will certainly not think of this a being secure, but without real exploits nobody could read that) and disabled password changing on the samba domain controller. In addition, no user can ever select his own passwords, we create them using pwgen. We don't change them every 40 days or so, but only every 2 years to reward employees for really learning them and NOT writing them down. We need the passwords to e.g. go into user accounts and modify settings that are too complicated for group policies or to help users. These might certainly be controversial policies, but I want to continue them on AD. Now I save new accounts and their PWGEN-generated (pwgen creates nice sounding random words with nice amounts of vowels, consonants and numbers) manually into the old text-file that the old scripts used to maintain automatically. How can I get this functionality back in AD? I see that there is "reversible encryption" in AD accounts, probably for challenge response authentication systems that need the cleartext password stored on the server. Is there a script that displays all these passwords? That would be great. (Again: I trust my DC not to be compromised.) Or can I have a plugin into AD users&computers that gets a notification of every new password and stores it into a file? On clients that is possible with GINA-dlls, they can get notified about passwords and get the cleartext.

    Read the article

  • How recovery zip password using CUDA (GPU) ?

    - by marc
    Welcome, How can i recovery zip password on linux using CUDA (GPU). From 2 day's i'm trying using "fcrackzip" but it's too slow. Few months back i saw some application that can use GPU / CUDA and get large performance boost in compare to CPU. If brute-force using cuda is not possible, please tell me what's the best application for dictionary attack, and where can i find best (largest) dictionary. Regards

    Read the article

  • Nginx Password Protect Directory Downloads Source Code

    - by Pamela
    I'm trying to password protect a WordPress login page on my Nginx server. When I navigate to http://www.example.com/wp-login.php, this brings up the "Authentication Required" prompt (not the WordPress login page) for a username and password. However, when I input the correct credentials, it downloads the PHP source code (wp-login.php) instead of showing the WordPress login page. Permission for my htpasswd file is set to 644. Here are the directives in question within the server block of my website's configuration file: location ^~ /wp-login.php { auth_basic "Restricted Area"; auth_basic_user_file htpasswd; } Alternately, here are the entire contents of my configuration file (including the above four lines): server { listen *:80; server_name domain.com www.domain.com; root /var/www/domain.com/web; index index.html index.htm index.php index.cgi index.pl index.xhtml; error_log /var/log/ispconfig/httpd/domain.com/error.log; access_log /var/log/ispconfig/httpd/domain.com/access.log combine$ location ~ /\. { deny all; access_log off; log_not_found off; } location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location /stats/ { index index.html index.php; auth_basic "Members Only"; auth_basic_user_file /var/www/web/stats/.htp$ } location ^~ /awstats-icon { alias /usr/share/awstats/icon; } location ~ \.php$ { try_files /b371b8bbf0b595046a2ef9ac5309a1c0.htm @php; } location @php { try_files $uri =404; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/lib/php5-fpm/web11.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_intercept_errors on; } location / { try_files $uri $uri/ /index.php?$args; client_max_body_size 64M; } location ^~ /wp-login.php { auth_basic "Restricted Area"; auth_basic_user_file htpasswd; } } If it makes any difference, I'm using Ubuntu 14.04.1 LTS with Nginx 1.4.6 and ISPConfig 3.0.5.4p3.

    Read the article

  • Password best practices

    - by pcampbell
    Given the recent events with a 'hacker' learning and retrying passwords from website administrators, what can we suggest to everyone about best practices when it comes to passwords? use unique passwords between sites (i.e. never re-use a password) words found in the dictionary are to be avoided consider using words or phrases from a non-English language use pass phrases and use the first letter of each word l33tifying doesn't help very much Please suggest more!

    Read the article

  • Password Recovery

    - by Terry
    Currently we use Offline NT Password & Registry Editor for machines we do not have admin passwords for. It is a really nice tool but has some flaws. Is there something better/more modern?

    Read the article

  • User Account Password forgotten

    - by user3558
    I setup a image box of Vista Business to ghost a couple of weeks ago. I turned it on today and I seem to have forgotten the password. I've tried using OPH-Crack to crack it but with no luck. Does anybody have software that they use to crack user account passwords or know of a work-around for Vista?

    Read the article

  • Reset Windows user domain password

    - by Jan Zich
    Is there a way to reset a user domain password remotely without login to a remote desktop to the domain controller? I could not find any MMC plugin in non-server Windows (Window 7 Ultimate in this case) to manage Active Directory which is understandable.

    Read the article

  • Forgotten account password

    - by blade
    I kept my passwords recorded but the location on my PC where I kept this went missing. I now can't get into Windows Server 2008 R2 as I can't remember the administrator or named account credentials and have no password reset disk. This is on a VM (VM Player - which btw is temp till I get Hyper-V). How can I get back in? If I make AD can I join the server to AD and then set a domain account?

    Read the article

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >