MirceaLzr Posted October 6, 2011 Share Posted October 6, 2011 Hello i try to add some line in my db table and i get this error. [Err] 1048 - Column 'password' cannot be null [Err] INSERT INTO acl ( username, password, staffname ) VALUES ( 'mbz', encrypt('mbz','mbz'), 'mbz' ); [Msg] Finished - Unsuccessfully INSERT INTO acl ( username, password ) VALUES ( 'the_username', encrypt('the_password','the_username') ); [b]Or this one[/b] INSERT INTO acl ( username, password, staffname ) VALUES ( 'the_username', encrypt('the_password','the_username'), 'John Soandso' ); The db table code is CREATE TABLE acl ( id int(16) NOT NULL auto_increment, username varchar(16) DEFAULT '' NOT NULL, password varchar(16) DEFAULT '' NOT NULL, staffname varchar(32) DEFAULT '' NOT NULL, string varchar(100), PRIMARY KEY (id) ); Where is the problem???The password must be encrypt but dosen't work.Thnks Quote Link to comment Share on other sites More sharing options...
Buddski Posted October 6, 2011 Share Posted October 6, 2011 Are you running this on a windows server? If crypt() is not available on your system (as is the case with Windows), ENCRYPT() always returns NULL. Quote Link to comment Share on other sites More sharing options...
MirceaLzr Posted October 6, 2011 Author Share Posted October 6, 2011 Are you running this on a windows server? If crypt() is not available on your system (as is the case with Windows), ENCRYPT() always returns NULL. Yes i use on windows.What i need to do? Quote Link to comment Share on other sites More sharing options...
Buddski Posted October 6, 2011 Share Posted October 6, 2011 Find an alternative method of encryption I do believe the PHP variant runs on a Windows server. If you dont want to use PHP, you can use MD5 or SHA1. Have a look around. Encryption and Compression Functions Quote Link to comment Share on other sites More sharing options...
MirceaLzr Posted October 6, 2011 Author Share Posted October 6, 2011 And you can help me with the code to add one username with encryp password?I have little script and i need one username for that but i dont now how.I find this but i dont now it is ok "$sql="INSERT INTO account (username, sha_pass_hash, email) VALUES ('$username','SHA(UPPER($username:$password))','$e mail')";" Quote Link to comment Share on other sites More sharing options...
Buddski Posted October 6, 2011 Share Posted October 6, 2011 Try this as your query.. $sql="INSERT INTO account (username, sha_pass_hash, email) VALUES ('$username',SHA(UPPER(\"$username:$password\")),'$email')"; Quote Link to comment Share on other sites More sharing options...
MirceaLzr Posted October 6, 2011 Author Share Posted October 6, 2011 I make the user and when i try to login nothing.http://mbzrealtruck.ro/panou/cauta/LOOK HERE DEMO I create Username:Mbz pass: mbz This is the script code: <? //How this script works: // Username and password are checked for authenticity. // If success: // Generate a MD5 string from TIME() // Store that string in the database for that user // Set that username, password, and string as a cookie on user's machine // If failure: // Log username and IP address to a file //During subsequent page loads: // Retrieve data stored in cookie // Match all three fields stored in cookie with database info. // If success: // Page load may continue // Otherwise user is presented with login form //New user query: "insert into acl (username, password) VALUES ('theusername', encrypt('thepassword','theusername'));" //Change password query: "update acl set password=encrypt('mypass','theusername') where username='theusername';" // Database settings .. these must work!! $db_hostname = 'localhost'; //Server where MySQL is running. $db_user = 'xxxxxxxxxxxxxx'; //Username to connect with. $db_pass = 'xxxxxxxxxxxxxxx'; //Password to connect with. define( "DATABASE", "xxxxxxxx" ); //Database name where table 'acl' is located. //Logging defines. Comment out the following two lines for no logging. define( "BASE_DIR", "/usr/local/myappdir" ); //Your site's base directory (outside of docroot) define( "AUTH_LOG", BASE_DIR . "/logs/auth_log" ); //Filename/subdirectory of logfile. Make sure the file // exists and is writeable by the owner of your webserver // process. Usually 'nobody'. //define( "IMAGE", "images/ourimage.jpg" ); //Image for the title page. Comment out the line for none. define( "TITLE", "Please Login" ); //Title for the login page. define( "EXPIRE", 14400 ); //Seconds until the cookie expires. $bg_color = '#FFFFFF'; $text_color = '#000000'; $link_color = '#BC80C3'; $vlink_color = '#BC80C3'; $alink_color = '#9d9d9d'; function DisplayLoginForm ($err_string) { require('htmldoc.inc'); global $THIS_URL; global $bg_color; global $text_color; global $link_color; global $vlink_color; global $alink_color; $html = new htmldoc(); $html->printheader( $bg_color, $text_color, $link_color, $vlink_color, $alink_color, TITLE ); ?> <CENTER> <? if (defined("IMAGE")) { ?> <IMG SRC="<? echo $root_url . IMAGE?>" BORDER="0"> <? } ?> <BR><BR> <FONT SIZE=+1 COLOR="#FF0000"><? echo $err_string ?></FONT> <FORM NAME=login ACTION=<? echo $THIS_URL ?> METHOD=post> <TABLE BORDER=0> <TR> <TD><B>Username:</B></TD> <TD><INPUT NAME="username" TYPE="text" SIZE="10"></TD> </TR> <TR> <TD><B>Password:</B></TD> <TD><INPUT NAME="password" TYPE="password" SIZE="10"></TD> </TR> </TABLE> <BR> <INPUT TYPE="submit" VALUE="Log in"> </FORM> <? $html->printfooter(); exit; } function GenerateSecret ( $username, $encrypted_password ) { $md5str = MD5( TIME() ); $cookie_val = "$username-$encrypted_password-$md5str"; setcookie( "php_mini_auth", $cookie_val, time()+EXPIRE); $arg = "update acl set string='$md5str' where username='$username'"; $row = mysql_db_query( DATABASE, $arg ); } function AuthenticateUser ( $username, $password ) { global $ip; global $host; global $referer; $arg = "select password, 1 as auth from acl where username='$username' and password=encrypt('$password','$username')"; $row = mysql_fetch_array(mysql_db_query( DATABASE, $arg )); if ($row[auth]) { if (defined( "AUTH_LOG" )) error_log( date("Ymd H:i:s") . " -- $ip -- Username: '$username' authenticated\n", 3, AUTH_LOG); GenerateSecret( $username, $row[password] ); } else { if (defined( "AUTH_LOG" )) error_log( date("Ymd H:i:s") . " -- $ip -- Username: '$username' authentication failure\n", 3, AUTH_LOG); DisplayLoginForm( "Please log in .." ); } } function AuthenticateCookie ( $cookie, $username, $password ) { $cookie_var = split("-", $cookie); $ck_username = $cookie_var[0]; $ck_password = $cookie_var[1]; $secret = $cookie_var[2]; $arg = "select 1 as auth from acl where username='$ck_username' and password='$ck_password' and string='$secret'"; $row = mysql_fetch_array(mysql_db_query( DATABASE, $arg )); if (!($row[auth])) AuthenticateUser ( $username, $password ); else return $ck_username; } mysql_connect($db_hostname,$db_user,$db_pass) or die("Unable to connect to the SQL server..."); $THIS_URL=getenv("SCRIPT_NAME"); $ip = getenv("REMOTE_ADDR"); $host = getenv("REMOTE_HOST"); $referer = getenv("REMOTE_REFERER"); if ($php_mini_auth) $username = AuthenticateCookie( $php_mini_auth, $username, $password ); else if ($username) AuthenticateUser( $username, $password ); else DisplayLoginForm( "Please log in ..." ); $result = mysql_db_query( DATABASE,"SELECT * from acl WHERE username='$username'"); $row=mysql_fetch_row($result); ?> <? class htmldoc { //Class constructor. function htmldoc() { return; } function printheader ( $bg_color, $text_color, $link_color, $vlink_color, $alink_color, $title ) { ?> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"> <HTML><HEAD><TITLE><?php echo $title; ?></TITLE> </HEAD> <BODY bgcolor="<?php echo $bg_color; ?>" text="<?php echo $text_color; ?>" link="<?php echo $link_color; ?>" vlink="<?php echo $vlink_color; ?>" alink="<?php echo $alink_color; ?>"> <? } function starttimer ( $root_url ) { ?> <META http-equiv="Refresh" content="1800;URL=<?php echo $root_url; ?>/logout.php3;TARGET=_top"> <? } function printfooter () { ?> </BODY></HTML> <? } } ?> And this one.This script is autentification script system for all pages. Quote Link to comment Share on other sites More sharing options...
Buddski Posted October 6, 2011 Share Posted October 6, 2011 You still have a reference to ENCRYPT $arg = "select password, 1 as auth from acl where username='$username' and password=encrypt('$password','$username')"; inside the AuthenticateUser function, this needs to be changed to reflect your new method. Quote Link to comment Share on other sites More sharing options...
MirceaLzr Posted October 6, 2011 Author Share Posted October 6, 2011 I make the user with this command: <!-- Design by: Codename RT Coded by: Codename RT © 2010 Luckynr7 All Rights Reserved --> <?php include("config.php"); $usr ="$_POST[id]"; $var ="$_POST[password]"; $sql="INSERT INTO acl (username, staffname, string, password) VALUES ('$_POST[account]','$_POST[staffname]','2', SHA1(CONCAT(UPPER('$usr'),':',UPPER('$var'))))"; if (!mysql_query($sql)) { die('Error: ' . mysql_error()); } echo "<br>"; echo "<br>"; echo "<br>"; echo "<br>"; echo "<center>"; echo "<h2>Account Created</h2>"; echo "<br>"; echo "<br>"; echo "Account login details,"; echo "<br>"; echo "<br>"; echo "Username: $usr"; echo "<br>"; echo "Password: $var"; echo "<br>"; echo "E-Mail: $_POST[email]"; echo "</center>"; ?> <header> <link href="content.css" rel="stylesheet" type="text/css" /> </header> Quote Link to comment Share on other sites More sharing options...
MirceaLzr Posted October 8, 2011 Author Share Posted October 8, 2011 You still have a reference to ENCRYPT $arg = "select password, 1 as auth from acl where username='$username' and password=encrypt('$password','$username')"; inside the AuthenticateUser function, this needs to be changed to reflect your new method. I make this line but dosen't work" $arg = "select password, 1 as auth from acl where username='$username' and password=md5('$password','$username')"; Quote Link to comment Share on other sites More sharing options...
awjudd Posted October 8, 2011 Share Posted October 8, 2011 You have MD5 as your password however, in your INSERT query you are using SHA1(CONCAT(UPPER('$usr'),':',UPPER('$var'))) to insert the encrypted password. You need to be consistent if you want to pull the data back. ~juddster Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.