[Tutor] CGI problem.
Kent Johnson
kent_johnson at skillsoft.com
Sun Nov 7 15:53:07 CET 2004
At 03:05 PM 11/7/2004 +0200, Mark Kels wrote:
>First, I got 49 characters and not 16 in the hash
>(\xc8\xff\xe9\xa5\x87\xb1&\xf1R\xed=\x89\xa1F\xb4E).
Actually I think that is 16 characters. Many of them are being printed as
\x escapes. For example \xc8 represents a single character.
>But, anyway, It doesn't help me...
>I think the problem is to hash the user input (I
>get ��é¥ï¿½&�R�=��F�E,
>and not the real hash).
How is the user input getting converted to UTF-8? The CGI you posted before
showed a content-type of text/html with no charset specified. Usually a
browser will return form data in the same charset as the page containing
the form.
Anyway, I suggest you break your problem in two. One problem is getting
recognizable data from the user in a CGI form. The other problem is
computing MD5 hashes and comparing against the value in a file.
For the CGI piece, see if you can write a program that accepts a password
from the user and prints it out, or compares it to a hard-coded string.
Make sure you get the data you expect in the CGI.
For the MD5 piece, write a program that takes a known correct password,
computes the MD5 hash and compares it with what is in a file.
When you have both of these working, you can combine them into one program.
If you initially write the CGI with a checkPassword() function that just
compares to a fixed string, you can later drop in a checkPassword()
function you develop for the second program. You could even write the MD5
part as a module, then the CGI program just has to import the
checkPassword() function from the module.
Kent
More information about the Tutor
mailing list