Security aside.
This:
records = SQLTABLE(dba(dba.user.name== name).select(dba.user.password),
headers='fieldname:capitalize')
passworddb = records[1]
should probably be:
passwdb = dba(dba.user.name== name).select(dba.user.password).first().passwd
this:
dba.person.insert(name = 'test', email=password)
are you use storing the password in email is what you want.
Back to security. You should never store password in the database in the
clear. it is a bug NO NO of computer security. That is why there is a CRYPT
validator which salts and hashes the password for you before store it in db.
On Monday, 20 January 2014 10:28:45 UTC-6, Lucas Schreiber wrote:
>
> sure.
>
> So, there is a form where you enter a Password and a username.
> now, the function shall take the username and check if there is any
> username like that in the db. if there is such a username, the
> correspondending Password shall be read and seperated into a variable. now,
> if the Password from the db fetch the Password from the form, the function
> Redirects to one page, else to another ( as you can see, this is just a
> very basic function, and not ready)
>
> hope, now it got more clear :)
>
> Am Sonntag, 19. Januar 2014 19:28:23 UTC+1 schrieb Lucas Schreiber:
>
>> Hi guys,
>>
>> i have this function:
>>
>> def login():
>> form = FORM(
>> 'Name', INPUT(_name='name'),
>> 'password', INPUT(_password='password'),
>> INPUT(_type='submit'))
>> if form.process().accepted:
>> name = form.vars.name
>> records = SQLTABLE(dba(dba.user.name== name).select(dba.user.
>> password),headers='fieldname:capitalize')
>> passworddb = records[1]
>> password = form.vars.password
>> dba.person.insert(name = 'test', email=password)
>> if passworddb == password:
>> redirect(URL('register'))
>> else:
>> redirect(URL('index'))
>>
>> return dict(form=form)
>>
>>
>> As you can see, you enter name and password into a form, and from a db it
>> choose a password correspondending to the username. that part works fine.
>> but the problem is on the part:
>>
>> password = form.vars.password
>>
>> i think this doesnt work, since the line below
>>
>>
>> dba.person.insert(name = 'test', email=password)
>>
>> inserts into another db "test", "none"
>>
>> Do anyone has an idea how to fix this problem? Or can anyone tell me what
>> i did wrong?
>>
>> Thanks for the help,
>> Darren
>>
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
