Using Encryption for site security

Any of our esteemed tutorial makers do a tutorial on using SHA encryption with Wappler?

Maybe @psweb or @t11 have already something in the pipeline?

Hey Brad,
You can check this as it is the same as in DW:

I already took a look at that one … it uses the old data bindings panel so I think it’s quite old isn’t it?

I did do one in the first series of stuff here.
Use the quick selector, and find Create Server Connect Login Action


Thanks PAul, I’ll take a look!

1 Like

The encryption is being applied on sever side so it doesn’t really matter, but Paul’s link is great :slight_smile:

Save yourself some time and go to about 1h10m brad which is specifically about the SHA encryption.


Unfortunately I will only be showing the other side of the SHA on the next video Brad, I just watched this part back and saw it was only the login section and not the insert step, sorry, I hope it helped though.

1 Like

Am I correct in thinking that SHA-256 is 64 characters long and Wappler generates it in lowercase letters?

Yes, thats correct, 64 character long, as lowercase, so maybe use a char type in your db because it is always a fixed type 64 characters.

Yes, I used the CHAR type, just wanted to make sure I had the proper length. Thanks for your help Paul.

1 Like

I look forward to your video on encrypting the password on insert. I think your video helped a lot with the Log In form part but I can't see a way to encrypt the password when entering a new user through a form. :frowning:

I think I figured it out … I was over thinking it. I’ll let you know how I make out.

Brad this is already explained in the video I sent. The sever side part is the same, it doesn't matter if you are using app connect or HTML5 data bindings.

Yeah, the lightning bolt selectors weren't immediatly visible in Wappler. Pretty sure I got it now.

1 Like

I will try explain lets say that you have a form on your page that is going to insert to the database and the password input is id=“password” as an example

<div class="form-group row">
  <label for="password" class="col-sm-2 col-form-label">Desired Password *</label>
  <div class="col-sm-10">
    <input type="password" class="form-control" id="password" name="password" placeholder="Enter Password" required="" maxlength="300" data-msg-maxlength="Please enter no more than 300 characters.">

Then in Server Connect you have an action lets say called insert_user, it has $_POST variables for all your form inputs, and in the steps it will have your database connection step first, then your database insert step.

On the Insert Options for the password field I have it set as Type= Text and this as the value


Sorry I did not see your I got there post before i hit the reply button, glad it is working

Also don’t judge my max-length of 300 I was doing some extreme testing to see if even something input that is longer than the 64 characters would still HASH back down to the 64. Answer is Yes, incase you were wondering.

1 Like

This may help @brad