I want to use one of the Wappler hash security features. With a unique SALT string.
So that the User login values are encrypted on Submit & the query matches a unique Authorized User in the server table by those encrypted login field values.
But I would need to import hundreds to thousands of Authorized User records which are given to me in plain text. I cannot convert such a list one record at a time, obviously. So I need to convert each “username” and “password” text value in my plain text mysql table with the same encryption method I am going to specify for encrypting the Login Username and Password online.
Can I see the Wappler query that encrypts these 2 inputs on post submission?
And then create a mysql or php script that loops through my plain text records and converts these 2 fields the same way & using the specified SALT value I’ve chosen?
So that the query quickly UPDATES thousands of text value login fields which will match the Wappler encryption generated when a user tries to log in.
Creating a whole new table with the correctly encrypted values to compare with the Login encrypted form inputs?
You can create a database query, which returns all the records from the database, loop through them using a repeat and put an update record step inside the repeat. Using the update record step you can update the values as you wish, when the server action runs.
I’d go a step further and add new columns for the data in to the same table and carry out the repeat as Teodor mentions above, but write to these new columns rather than the original columns, just as a precaution. And, I believe you would do this anyway, backup the table. If your server modal is PHP increase the execution time, again a precaution, although should be fine, especially worth doing this if you are dealing with a very large data set.
I’ve written such queries which is why I mentioned them but, again, my question is can I incorporate the Wappler hash function with the same Salt string.
After I have created a Wappler server action to encrypt Username and Password values as they are converted from text form input to a hash algorithm with a Salt string, when submitted from a Wappler form — Can I simpy pull that hashing query from the generated Wappler action file to use in my looping query for thousands of records to be hashed the same way in a mass update or export to another table?
Will the Wappler query run outside of Wappler as a stand-alone query targeting my database?
Create the initial query for the Users, then add a repeat to it. Select what you want to output, in the following example I’m just using the id of the record for the salt (not a good idea, we prefer to use a secret salt from outside of the db). Inside the repeat add an update action, selecting the users id as the condition, set the algorithm for the hash and define the salt, as below:
You do not need a form to run this Action, just add a button to a blank page, add the Action to the page with no auto run, then on the button have an on click dynamic event to fire the Action. No need to complicate things with forms here.
Hope that makes sense. The above images are just an example I knocked up to show you the simplicity as it sounds complicated, but its really not. Obviously you’ll want to replace the salt with what you are using, in the above, as I mentioned, I’ve used the id of the record.
Is exactly what he outlines above. We have used this method several times for updating tens of thousands of records in the past. I think the largest record set we did was around 90k records or so, went without a hitch.