Site Security SHA-1 or MD5

Hi there

I’m now full-on with developing a new site to replace one I built some years ago with Dreamweaver. I’m using the same database and am currently working through the security provider extension. My database has the passwords stored with the SHA-1 hash and I think this is why my login form keeps giving the alert of incorrect password.

How do I tell the Security Provider to use SHA-1?



When you add the Security Login component to your Login action you created in Server Connect, it will give you the Login Properties

To the right of each property there is the lightening bolt to take you to your dynamic data, click each to select the $_POST variable assigned to your form fields, however with the password field it is slightly different if using something like SHA1.
You click the dynamic data selector, and in the first window you select the Globals > $_POST > the-name-of-your-password-variable, click that but before hitting Select, click the magic want icon instead to add some data formatting.
The data formats window will appear, select the $_POST variable, then click the + button, scroll down to Cryptographic, select Generate SHA1 Hash, select the Salt, now enter your Salt in the Properties, click Select, then click Select again.

Now your dynamic variable should look something like

Hope that helps, please follow the steps and do not just copy my end result, otherwise Wappler will not add the supporting js files to your document head for the Formatters.

1 Like

Brilliant! Hadn’t spotted that extra level of settings. Implemented what you suggested and it’s working perfectly.

Many thanks :slight_smile:

1 Like