Topic: Hash

procedure frmLogin_Button1_OnClick ( Sender: string; var Cancel: boolean ); // check credentials and, if okay, show Form1
///////////////  Login, password, user rights  /////////////////////
var
       sHash: string;
       s: string;
begin
     // SQL login and password request user
        sHash: = VarToStr ( SQLExecute ( 'SELECT pass FROM users WHERE ( lldelo = '' '+ frmLogin.Edit1.Text + '' ); ') );


     // if the hash in the database = hash of entered a password
         if sHash = StrToMD5 ( frmLogin.Edit2.Text ) then
         Form1.Show;
end;




I have Hash in my database:
         202cb962ac59075b964b07152d234b70
When I do the above password check, there is no comparison, but when you change to the manual in the database by capital letters:
         202CB962AC59075B964B07152D234B70
then everything is fine..
Does anyone know how to specify a letter rig in a script or can turn it off?

Re: Hash

try

procedure frmLogin_Button1_OnClick ( Sender: string; var Cancel: boolean ); // check credentials and, if okay, show Form1
///////////////  Login, password, user rights  /////////////////////
var
    chk: Integer;
begin
    chk := SQLExecute('SELECT COALESCE(id, -1) FROM users WHERE lldelo LIKE '''+frmLogin.Edit1.Text+''' AND pass LIKE '''+StrToMD5 ( frmLogin.Edit2.Text )+'''');   
    // opt 2
    // chk := SQLExecute('SELECT COALESCE(id, -1) FROM users WHERE lldelo LIKE '''+frmLogin.Edit1.Text+''' AND pass LIKE '''+UPPERCASE(StrToMD5 ( frmLogin.Edit2.Text ))+'''');         

   if chk > 0 then
       Form1.Show;
end;

again, it is better for you to attach a sample working program with the problem, It would be much easier that way

brian

Re: Hash

Use the upper or lower case function Uppercase() or LowerCase(), either when you first enter the hash number into your database or run the sHash variable through it  .

sHash := UpperCase(sHash)

You could also run the edit1.text through the function instead.

On a clear disk you can seek forever