jsherk
Posts: 34
|
| Posted: 01/10/2009, 3:42 PM |
|
Okay, I am running XAMPP (MySQL 5 & PHP 5) on my XP Pro machine.
I have created a user table (data_users) in my_database and encrypted the passwords in the password field using the mysql password() function.
In CCS4 I have gone to Project->Settings->Security->Advanced and checked Encrypt Passwords Using Database Function and entered PASSWORD.
When I login via CCS4 generated login page it is succesful and the process works fine.
But I have created another page using the Grid and Record builder in order to be able to add/edit/delete users from this table. Everything works fine, except the password gets stored in the database as regular text instead of encrypted. The Grid and Record builder of course did not know that one of the fields was going to be a password field, so how do I tell it that it needs to encrypt this particular field?
I already modified the html portion of the page and added type="password" to the input field so that it would be hidden while typing, but since password type fields still get passed as text, this does not force it to be encrypted.
Thanks
|
 |
 |
damian
Posts: 838
|
| Posted: 01/10/2009, 5:42 PM |
|
seek and you will find... well sometimes anyway...
http://forums.yessoftware.com/posts.php?post_id=98301&s_keyword=encrypt
_________________
if you found this post useful take the time to help someone else.... :)
|
|
|
|
jsherk
Posts: 34
|
| Posted: 01/10/2009, 6:30 PM |
|
Thanks damian, but I already "seeked and found" that and followed those steps. Everything is working as far as retrieving the encrypted password from the db during login, but when I try to write the password to the db it ends up in the db as plain text instead of encrypted.
How does CCS know a field needs to be encrypted when it is being written to the db?
|
|
|
|
jsherk
Posts: 34
|
| Posted: 01/11/2009, 11:45 AM |
|
Okay I figured it out...
When I initially created my Grid and Record with the builder, I had NOT set the Encrypt Password option in the Security settings yet. Although there may be a work around, I had to delete Grid and Record that I had created, and use the Grid and Form builder to recreate new ones. When you build a Record form AFTER you have enabled Encrypt Password, there is a new checkbox available on one of the builder pages that says: Security-Encrypt Password Value In Database. Simply check this box, and the password field should now be encrypted per your settings in the Security Settings.
|
|
|
|
jsherk
Posts: 34
|
| Posted: 01/11/2009, 11:47 AM |
|
Also note that it is well documented in the Help files under:
Implementing Password Encryption
|
|
|
|
|
