Diese Seite mit anderen teilen ...

Informationen zum Thema:
Forum:
WinDev Forum
Beiträge im Thema:
4
Erster Beitrag:
vor 5 Jahren, 1 Monat
Letzter Beitrag:
vor 5 Jahren, 1 Monat
Beteiligte Autoren:
FMUser, Fabrice Harari

[WD18] HashCheckString failing, Just upgraded from WD 16

Startbeitrag von FMUser am 24.06.2013 16:48

We just upgraded to WD 18 from 16 and are unable to log in to our application in Go mode using username/pw.
The password is saved in a SQL Server 2012 DB, as a varbinary(2048).

Our password check looks like this:
IF NOT HashCheckString(HA_HMAC_SHA_256,sPassword,Users.Password,sSalt) THEN
Info("Password is incorrect.")
END

We used the following code to determine the hashed value for user input compared to value stored in the DB:

trace(Users.Password)
trace(HashString(HA_HMAC_SHA_256,sPassword,sSalt))

And got results like the following, where the result of the database lacks the first two characters of the hashed string:

X‰ÜÞ¦·‚1†•ýaXšpæ™9 R”žeèùæ0
¸àX‰ÜÞ¦·‚1†•ýaXšpæ™9 R”žeèùæ0

When we tested the results in the old version with WD 16, we got

¸àX‰ÜÞ¦·‚1†•ýaXšpæ™9 R”žeèùæ0
¸àX‰ÜÞ¦·‚1†•ýaXšpæ™9 R”žeèùæ0

So basically, it looks like it is being pulled from the database lacking characters in WD 18, we're just not sure why.

Antworten:

Hi

There has been quite a fex bugs reported in 18, so you may have to check that with PCSoft, but before you do that, you may also want to try the following:
One of the big changes between the two version is the inclusion of UNICODE and the fact that many strings are now UNICODE by default...

So it may be that you'll need to change the declaration of your variable as stringANSI (or string UNICODE) instead of simply string to solve the problem, or maybe use one of the UNICODEToxxx or equivalent functions

Best regards

von Fabrice Harari - am 24.06.2013 18:09
One more thing; after the upgrade we sometimes, but not always, get an "Unexpected system error" on the HashCheckString() function. It does not seem to depend on the password or any other constant factor.

von FMUser - am 24.06.2013 18:12
Hi Fabrice,

Thanks for the tip, I just tried about every combination of unicode and ANSI and couldn't get anything to work. There are a lot of errors just dealing with the varbinary, so I think I might need to just hit up PC Soft support. Thanks!

von FMUser - am 24.06.2013 19:26
Zur Information:
MySnip.de hat keinen Einfluss auf die Inhalte der Beiträge. Bitte kontaktieren Sie den Administrator des Forums bei Problemen oder Löschforderungen über die Kontaktseite.
Falls die Kontaktaufnahme mit dem Administrator des Forums fehlschlägt, kontaktieren Sie uns bitte über die in unserem Impressum angegebenen Daten.