From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jose Celestino Subject: Re: MySQL obnoxious question Date: Tue, 19 Feb 2008 17:44:36 +0000 Message-ID: <20080219174436.GD4470@co.sapo.pt> References: <47BB75CE.7070701@gmail.com> Mime-Version: 1.0 Content-Transfer-Encoding: QUOTED-PRINTABLE Return-path: Content-Disposition: inline In-Reply-To: <47BB75CE.7070701@gmail.com> Sender: linux-admin-owner@vger.kernel.org List-ID: Content-Type: text/plain; charset="iso-8859-1" To: =?iso-8859-1?Q?M=E1rio?= Gamito Cc: linux-admin@vger.kernel.org Words by M=E1rio Gamito [Wed, Feb 20, 2008 at 12:35:26AM +0000]: > Hi, > > Sorry for the little off-topic, but the vpoopmail list is kind of dea= d. > So is the diablo mailing list and I don't see any diablo nntp related questions here. > I'm running a qmail server with vpopmail with MySQL authentication. > > For obnoxious reasons, I'm running a web site in Windows/ASP.NET/C# t= hat=20 > once a user registers, it inserts in the MySQL qmail server the usern= ame,=20 > password, etc. > > It's in the password that the problem lies. > I need to hash it just before or after the MySQL INSERT statement. > For that, I have to run a PHP shell script that follows my signature. > > Problem is MySQL doesn't run external commands. > All that does is generate a random md5 salt and do an md5 crypt of the password. Why would you want to run that on an external command? I guess you can easily do it on c#. > > > function randltr() { > $retval =3D 'a'; > $rand =3D rand() % 64; > if ($rand < 26) $retval =3D $rand + 'a'; > if ($rand > 25) $retval =3D $rand - 26 + 'A'; > if ($rand > 51) $retval =3D $rand - 52 + '0'; > if ($rand =3D=3D 62) $retval =3D ';'; > if ($rand =3D=3D 63) $retval =3D '.'; > return($retval); > } > > function mkpasswd3(&$clearpass, &$crypted) { > srand ((double)microtime()*1000000); > > $salt =3D '$1$'; > for ($i =3D 0; $i < 5; $i++) $salt .=3D randltr(); > $salt .=3D '0'; > $crypted =3D crypt($clearpass, $salt); > if (strlen($crypted) > 0) return(true); > return(false); > } > > $clearpass =3D 'yeshua'; > $crypted =3D ''; > > if (mkpasswd3($clearpass, $crypted)) > printf("%s -> %s\n", $clearpass, $crypted); > else > echo("Ohoh"); > - --=20 Jose Celestino ---------------------------------------------------------------- http://www.msversus.org/ ; http://techp.org/petition/show/1 http://www.vinc17.org/noswpat.en.html ---------------------------------------------------------------- "If you would have your slaves remain docile, teach them hymns." -- Ed Weathers ("The Empty Box") - To unsubscribe from this list: send the line "unsubscribe linux-admin" = in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html