Want password hack for Matt's old calendar script

Discussion in 'Perl Misc' started by Butch, Feb 18, 2004.

  1. Butch

    Butch Guest

    I am using Matt Kruse's old calendar script [no version number in the
    comments] and want to have multiple user/password capability to allow
    more than one person to administer it without sharing the
    username/passwords. Has any one already written this hack and would
    be willing to share it?

    Thanks,
    Butch
    Butch, Feb 18, 2004
    #1
    1. Advertising

  2. Butch

    Trent Curry Guest

    Butch wrote:
    > I am using Matt Kruse's old calendar script [no version number in the
    > comments] and want to have multiple user/password capability to allow
    > more than one person to administer it without sharing the
    > username/passwords. Has any one already written this hack and would
    > be willing to share it?
    >
    > Thanks,
    > Butch


    Well for starters using any of Matt's scripts as been long deemed flawed
    in anything reguarding security. If you want to modify the script, I'd
    suggest usign a data base and doing lookups. Mysql works well, as a
    quick and free solution.

    Some moduels to handle Mysql lookups:

    Mysql.pm
    perl -MCPAN -e 'install Mysql'
    http://search.cpan.org/author/RUDY/DBD-mysql-2.9003/lib/Mysql.pm

    DBD::mysql.pm
    perl -MCPAN -e 'install DBD::mysql'
    http://search.cpan.org/~rudy/DBD-mysql-2.9003/lib/DBD/mysql.pm

    Just create your tables, then right a query to see if the user exists
    and if the password (I'd recommends a crypt'ed or a md5-hex'ed password)
    matches.

    MD5.pm
    perl -MCPAN -e 'install MD5'
    http://search.cpan.org/~gaas/MD5-2.03/MD5.pm

    --
    Trent Curry

    perl -e
    '($s=qq/e29716770256864702379602c6275605/)=~s!([0-9a-f]{2})!pack("h2",$1
    )!eg;print(reverse("$s")."\n");'
    Trent Curry, Feb 18, 2004
    #2
    1. Advertising

  3. Butch

    Uri Guttman Guest

    >>>>> "T" == Trent Curry <> writes:

    T> Butch wrote:
    >> I am using Matt Kruse's old calendar script [no version number in the
    >> comments] and want to have multiple user/password capability to allow
    >> more than one person to administer it without sharing the
    >> username/passwords. Has any one already written this hack and would
    >> be willing to share it?



    T> Well for starters using any of Matt's scripts as been long deemed flawed
    T> in anything reguarding security. If you want to modify the script, I'd
    T> suggest usign a data base and doing lookups. Mysql works well, as a
    T> quick and free solution.

    different matt. this is kruse and the bad kiddie scripter is write.

    and to the OP, fix it on line 17.

    uri

    --
    Uri Guttman ------ -------- http://www.stemsystems.com
    --Perl Consulting, Stem Development, Systems Architecture, Design and Coding-
    Search or Offer Perl Jobs ---------------------------- http://jobs.perl.org
    Uri Guttman, Feb 18, 2004
    #3
  4. Butch

    Trent Curry Guest

    Uri Guttman wrote:
    >>>>>> "T" == Trent Curry <> writes:

    >
    >> Butch wrote:
    > >> I am using Matt Kruse's old calendar script [no version number

    > in the >> comments] and want to have multiple user/password
    > capability to allow >> more than one person to administer it
    > without sharing the >> username/passwords. Has any one already
    > written this hack and would >> be willing to share it?
    >
    >
    >> Well for starters using any of Matt's scripts as been long deemed
    >> flawed in anything reguarding security. If you want to modify the
    >> script, I'd suggest usign a data base and doing lookups. Mysql works
    >> well, as a quick and free solution.

    >
    > different matt. this is kruse and the bad kiddie scripter is write.
    >
    > and to the OP, fix it on line 17.


    Thanks for clearing that up Uri.

    --
    Trent Curry

    perl -e
    '($s=qq/e29716770256864702379602c6275605/)=~s!([0-9a-f]{2})!pack("h2",$1
    )!eg;print(reverse("$s")."\n");'
    Trent Curry, Feb 18, 2004
    #4
  5. Butch

    Uri Guttman Guest

    >>>>> "T" == Trent Curry <> writes:

    >> different matt. this is kruse and the bad kiddie scripter is write.


    wright. should at least spell his name correctly when dissing him.

    T> Thanks for clearing that up Uri.

    not that the calendar script the OP is using is any better. i would
    wager many quatloos that it is of the same crap quality of wright's
    scripts. it sounds like it is free and unsupported and of use only to
    kiddies who don't know perl.

    if you want a decent perl based web calendar, then check out
    webevent.com. there are others out there too.

    uri

    --
    Uri Guttman ------ -------- http://www.stemsystems.com
    --Perl Consulting, Stem Development, Systems Architecture, Design and Coding-
    Search or Offer Perl Jobs ---------------------------- http://jobs.perl.org
    Uri Guttman, Feb 18, 2004
    #5
  6. Butch

    Trent Curry Guest

    Uri Guttman wrote:
    >>>>>> "T" == Trent Curry <> writes:

    >
    > >> different matt. this is kruse and the bad kiddie scripter is

    > write.
    >
    > wright. should at least spell his name correctly when dissing him.
    >
    >> Thanks for clearing that up Uri.

    >
    > not that the calendar script the OP is using is any better. i would
    > wager many quatloos that it is of the same crap quality of wright's
    > scripts. it sounds like it is free and unsupported and of use only to
    > kiddies who don't know perl.


    Bawaa, how many script kiddies named Matt that freely destribute bad
    scripts are there... jeepers.

    > if you want a decent perl based web calendar, then check out
    > webevent.com. there are others out there too.


    I've seen that one in action, very nice. Good call.

    --
    Trent Curry

    perl -e
    '($s=qq/e29716770256864702379602c6275605/)=~s!([0-9a-f]{2})!pack("h2",$1
    )!eg;print(reverse("$s")."\n");'
    Trent Curry, Feb 18, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. LH

    Matt's Form Mail.pl

    LH, Jun 13, 2006, in forum: HTML
    Replies:
    2
    Views:
    548
  2. Replies:
    2
    Views:
    1,106
    Stan McCann
    Jul 13, 2006
  3. AAaron123
    Replies:
    2
    Views:
    2,148
    AAaron123
    Jan 16, 2009
  4. AAaron123
    Replies:
    1
    Views:
    1,333
    Oriane
    Jan 16, 2009
  5. Replies:
    3
    Views:
    136
    Dr John Stockton
    Apr 4, 2006
Loading...

Share This Page