Login
Important alert: (current site time 5/21/2013 10:03:39 PM EDT)
 

VB icon

MySQL Sign up Script

 Email
Submitted on: 7/15/2003 11:29:09 AM
By: Damian myerscough  
Level: Advanced
User Rating: By 3 Users
Compatibility: 5.0 (all versions), Active Perl specific, 4.0 (all versions), 3.0 (all versions), Pre 3.0
Views: 5557
 
     The code adds a username and a password to a MySQL database with abit of messin you can make Login scripts, Mailing scripts easy to update site faster etc
 
code:
Can't Copy and Paste this?
Click here for a copy-and-paste friendly version of this code!
 
Terms of Agreement:   
By using this code, you agree to the following terms...   
  1. You may use this code in your own programs (and may compile it into a program and distribute it in compiled format for languages that allow it) freely and with no charge.
  2. You MAY NOT redistribute this code (for example to a web site) without written permission from the original author. Failure to do so is a violation of copyright laws.   
  3. You may link to this code from another website, but ONLY if it is not wrapped in a frame. 
  4. You will abide by any additional copyright restrictions which the author may have placed in the code or code's description. 
				
=**************************************
= Name: MySQL Sign up Script
= Description:The code adds a username and a password to a MySQL database with abit of messin you can make Login scripts, Mailing scripts easy to update site faster etc
= By: Damian myerscough
=
= Inputs:Username and Password
=
= Returns:Username and Password added to the MySQL database
=
= Assumes:You will need to create a web page which will have a form on with to text areas for the username and passwd
=
= Side Effects:you will need:
Crypt::CBC
Crypt::Blowfish
Crypt::khazad
Crypt::Rijndael
=
=This code is copyrighted and has= limited warranties.Please see http://www.Planet-Source-Code.com/vb/scripts/ShowCode.asp?txtCodeId=490&lngWId=6=for details.=**************************************

#!/usr/bin/perl -w
#
# This script is a sign up script which uses MySQL
# Also I have added Encryption So no one can see the
# password.
#
# Encryption used:
# [*] Blowfish[*]
# [*] RC4[*]
# [*] khazad [*]
# [*] Rijndael[*]
# [*] MD5[*] 
# [*] Crypt [*]
# ##################
# Coded By; Damian Myerscough 2003
# ~~~~~~~~~~~~~~~~~~~~~~~
#
use DBI;
use Crypt::CBC;
use Crypt::Blowfish;
use Crypt::RC4;
use Crypt::Rijndael;
use Digest::MD5 ('md5', 'md5_hex', 'md5_base64');
use CGI qw(:standard);
print"Content-type: text/html\n\n";
$username = param('username');
$password = param('password');
if($password =~ m/[`\$\\"';& ... + % < > * | ? : ( ) # { } ~ !]/)
{
 &Error;
}
if($username =~ m/[`\$\\"';& ... + % < > * | ? : ( ) # { } ~ !]/)
{
 &Error;
}
sub Error()
{
 print"Error you have tryed to use an illegal character<br>";
 print"Illegal Characters List:<br>";
 print"`<br>\n".
 "\x5C <br>\n".
 "\x22 <br>\n".
 "'<br>\n".
 ";<br>\n".
 "&<br>\n".
 ".<br>\n".
 "+<br>\n".
 "\$<br>\n".
 "%<br>\n".
 "< > <br>\n".
 "*<br>\n".
 "|<br>\n".
 "?<br>\n".
 ":<br>\n".
 "[ ] <br>\n".
 "( ) <br>\n".
 "#<br>\n".
 "{ } <br>\n".
 "~<br>\n".
 "!<br>\n";
 print"These Characters Have Been Filtered Out To Stop SQL Injection<br>".
 "And Any Tampering With The Way The Script Works.<br>";
 
 
 
}
$Cipher = Crypt::CBC->new({'key'=> '007xDamox700',
			'cipher' => 'Blowfish',
			'iv' => '![$`2}%q',
			'regenerate_key' => 0,
			'padding'=> 'space',
			'prepend_iv' => 0
			 });
$etext = $Cipher->encrypt("$password");
my $key = 'xDam0x';
my $IV = pack("H16", 0);
my $cipher = Crypt::CBC->new({'key' => $key,
			 'cipher' => 'Khazad',
			 'iv' => $IV,
			 'regenerate_key' => 1,
			 'padding' => 'standard',
			 'prepend_iv' => 0
 });
$text = $cipher->encrypt("$etext");
$encrypted = RC4($etext, $text);
$CIpher = new Crypt::Rijndael "XdAmOiAnLkInxYtA", Crypt::Rijndael::MODE_CBC;
$CIpher->set_iv($IV);
$Plain = "$encrypted";
$Plain128 = get128($Plain);
$ciphered = $CIpher->encrypt($Plain128);
sub get128 {
	my $data = shift;
	return "\0" x ( 128 - length($data)%128 ) . $data;
}
$Finalx = md5($ciphered);
$Finalz = md5_hex($Finalx);
$Final = md5_base64($Finalz);
$Finished = crypt("$Final", F1n4l);
our ($dbh, $sth);
my $sql = "(\x4E\x55\x4C\x4C, \x22$username\x22, \x22$Finished\x22)";
$dbh = DBI->connect("DBI:mysql:host=localhost;database=infos",
"contact", "sh311B",
{PrintError => 0, RaiseError => 1});
$sth = $dbh->prepare("INSERT INTO users VALUES $sql");
$sth->execute();
$sth->finish();
print"username $username added \n";
$dbh->disconnect();
exit(0);


Other 35 submission(s) by this author

 
Report Bad Submission
Use this form to tell us if this entry should be deleted (i.e contains no code, is a virus, etc.).
This submission should be removed because:
Your Vote

What do you think of this code (in the Advanced category)?
(The code with your highest vote will win this month's coding contest!)
Excellent  Good  Average  Below Average  Poor (See voting log ...)
 
Other User Comments
7/19/2003 9:48:32 PMRandy McCleary

Nice work on the script, this can be very helpful for anyone that needs to do a good login script. Keep up the good work.
(If this comment was disrespectful, please report it.)
 
7/20/2003 7:17:32 PMholobyted

Nice work, but I have some notes.. if you don't mind. 1) You don't have to remove the characters, you can use the DBI->quote function to escape these charaters. 2) You could make it simpler and use a call to PASSWORD(text) along with a VARCHAR/TEXT field.. if I'm not mistaken, this uses MD5 encryption already.

Once again, nice work.
(If this comment was disrespectful, please report it.)
 
9/4/2003 10:33:12 AM

2 points: 1 - is there really anything
to gain after the second encryption?
2 - do we gain anything at all by
encrypting after the password gets sent over the web?
(If this comment was disrespectful, please report it.)
 
Add Your Feedback
Your feedback will be posted below and an email sent to the author. Please remember that the author was kind enough to share this with you, so any criticisms must be stated politely, or they will be deleted. (For feedback not related to this particular code, please click here instead.)
 

To post feedback, first please login.

Search:

Newest postings for Perl.

Add this ticker to my site

Daily code email

Click here to join the 'Code of the Day' mailing list!

This site on CD

Over 7,000 submissions on a super fast CD!

Code/Articles

Top Code

Community

Jobs

Other

Goto…

Copyright© 1997-2013 by Exhedra Solutions, Inc. All Rights Reserved.
By using this site you agree to its Terms and Conditions. Planet Source Code™ and the phrase "Dream It. Code It"™ are trademarks of Exhedra Solutions, Inc.