Revision | 763fc2c79727edbd8924ffd43bebcd0623df676b (tree) |
---|---|
Time | 2019-07-11 06:17:12 |
Author | yamat0jp <terukohietori@gmai...> |
Commiter | yamat0jp |
password が少し良くなりました
運用可能なレベルでしょうか
セキュアには対応していません
@@ -82,9 +82,10 @@ object DataModule1: TDataModule1 | ||
82 | 82 | FieldName = 'DATE' |
83 | 83 | Origin = '"DATE"' |
84 | 84 | end |
85 | - object FDTable2PASS: TStringField | |
85 | + object FDTable2PASS: TWideStringField | |
86 | 86 | FieldName = 'PASS' |
87 | 87 | Origin = 'PASS' |
88 | + FixedChar = True | |
88 | 89 | Size = 40 |
89 | 90 | end |
90 | 91 | end |
@@ -40,9 +40,9 @@ type | ||
40 | 40 | FDTable3MENTE: TBooleanField; |
41 | 41 | FDTable3INFO: TIntegerField; |
42 | 42 | FDTable3COUNT: TIntegerField; |
43 | - FDTable2PASS: TStringField; | |
44 | 43 | FDTable4ID: TIntegerField; |
45 | 44 | FDTable3PASSWORD: TWideStringField; |
45 | + FDTable2PASS: TWideStringField; | |
46 | 46 | private |
47 | 47 | { Private 宣言 } |
48 | 48 | public |
@@ -1339,7 +1339,7 @@ object TWebModule1: TTWebModule1 | ||
1339 | 1339 | ' <tr><td>' |
1340 | 1340 | |
1341 | 1341 | ' <label><p>'#12497#12473#12527#12540#12489'</p><input name="password" type="passwo' + |
1342 | - 'rd" placeholder="'#21066#38500#29992'">' | |
1342 | + 'rd" placeholder="'#21066#38500#29992'" value=<#pass>>' | |
1343 | 1343 | |
1344 | 1344 | ' </label> / <input type="checkbox" name="show" value="t' + |
1345 | 1345 | 'rue" <#check>><p>'#12503#12524#12499#12517#12540'</p>' |
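Review bot: The new `value=<#pass>>` on the password input writes the submitted password back into the response, and the attribute is unquoted. The branch added further down (`else if TagString = 'pass'`, apparently in headerHTMLTag) passes `Request.ContentFields.Values['password']` through with no HTML encoding. A value containing a space, a quote or `>` therefore ends the attribute and is parsed as markup, and the plaintext password lands in the page source and any intermediate cache. Prefer not to repopulate password fields at all. If it has to stay, quote the attribute as `value="<#pass>"` and encode in the handler with `ReplaceText := TNetEncoding.HTML.Encode(Request.ContentFields.Values['password']);` (System.NetEncoding is already in this unit's uses clause).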
@@ -3,8 +3,7 @@ unit WebModuleUnit1; | ||
3 | 3 | interface |
4 | 4 | |
5 | 5 | uses System.SysUtils, System.Classes, Web.HTTPApp, Web.DSProd, Web.HTTPProd, |
6 | - Web.DBWeb, System.Variants, System.NetEncoding, System.RegularExpressions, | |
7 | - IdHashSHA, IdGlobal; | |
6 | + Web.DBWeb, System.Variants, System.NetEncoding, System.RegularExpressions; | |
8 | 7 | |
9 | 8 | type |
10 | 9 | TTWebModule1 = class(TWebModule) |
@@ -106,7 +105,7 @@ implementation | ||
106 | 105 | |
107 | 106 | { %CLASSGROUP 'Vcl.Controls.TControl' } |
108 | 107 | |
109 | -uses Unit1; | |
108 | +uses Unit1, IdHashSHA, IdGlobal, IdHash, IdHashMessageDigest; | |
110 | 109 | |
111 | 110 | {$R *.dfm} |
112 | 111 |
@@ -203,17 +202,15 @@ begin | ||
203 | 202 | end; |
204 | 203 | |
205 | 204 | function TTWebModule1.hash(str: string): string; |
206 | -var | |
207 | - s: TIdHashSHA512; | |
208 | 205 | begin |
209 | - s := TIdHashSHA512.Create; | |
210 | - try | |
211 | - result := s.HashStringAsHex(str, IndyTextEncoding_UTF8); | |
212 | - finally; | |
213 | - s.Free; | |
206 | + with TIdHashSHA1.Create do | |
207 | + begin | |
208 | + try | |
209 | + result := HashStringAsHex(str); | |
210 | + finally | |
211 | + Free; | |
212 | + end; | |
214 | 213 | end; |
215 | - if result = '' then | |
216 | - result := 'admin'; | |
217 | 214 | end; |
218 | 215 | |
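Review bot: `hash` now produces a single unsalted SHA-1 where it used SHA-512; both are fast digests, but this makes offline guessing of a leaked password column cheaper, and nothing here adds a salt or work factor. If the motive was the 40-character PASS field (a SHA-1 hex digest is exactly 40 characters), widening the column is the better fix, together with a salted, deliberately slow scheme such as PBKDF2, bcrypt or Argon2. The call also drops `IndyTextEncoding_UTF8`; Indy's default string encoding is, as far as I know, 7-bit ASCII (please confirm for the version in use), so non-ASCII passwords could collapse to the same bytes. Keep `HashStringAsHex(str, IndyTextEncoding_UTF8)`. Values already stored as SHA-512 will stop matching after this change, so a reset or migration step is needed.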
219 | 216 | procedure TTWebModule1.headerHTMLTag(Sender: TObject; Tag: TTag; |
@@ -232,7 +229,9 @@ begin | ||
232 | 229 | else if TagString = 'preview' then |
233 | 230 | ReplaceText := Request.ContentFields.Values['preview'] |
234 | 231 | else if TagString = 'raw' then |
235 | - ReplaceText := Request.ContentFields.Values['raw']; | |
232 | + ReplaceText := Request.ContentFields.Values['raw'] | |
233 | + else if TagString = 'pass' then | |
234 | + ReplaceText := Request.ContentFields.Values['password']; | |
236 | 235 | end; |
237 | 236 | |
238 | 237 | procedure TTWebModule1.indexHTMLTag(Sender: TObject; Tag: TTag; |
@@ -572,16 +571,25 @@ end; | ||
572 | 571 | |
573 | 572 | procedure TTWebModule1.TWebModule1adminsetAction(Sender: TObject; |
574 | 573 | Request: TWebRequest; Response: TWebResponse; var Handled: Boolean); |
574 | +var | |
575 | + s: string; | |
575 | 576 | begin |
577 | + s := hash(Request.ContentFields.Values['pass']); | |
576 | 578 | with DataModule1.FDTable3 do |
577 | 579 | begin |
578 | 580 | Edit; |
579 | 581 | FieldByName('mente').AsBoolean := Request.ContentFields.Values |
580 | 582 | ['mente'] = 'on'; |
581 | - FieldByName('password').AsString := | |
582 | - hash(Request.ContentFields.Values['pass']); | |
583 | + FieldByName('password').AsString := s; | |
583 | 584 | Post; |
584 | 585 | end; |
586 | + with Response.Cookies.Add do | |
587 | + begin | |
588 | + Name := 'user'; | |
589 | + Value := s; | |
590 | + Expires := Now + 14; | |
591 | + end; | |
592 | + Request.CookieFields.Values['user'] := s; | |
585 | 593 | TWebModule1adminAction(nil, Request, Response, Handled); |
586 | 594 | end; |
587 | 595 |
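Review bot: The `user` cookie is set to `s`, which is the stored password hash itself, so the hash becomes a password-equivalent bearer token. Anyone who reads the password column or captures the cookie can present it for the 14-day lifetime without knowing the password, and it cannot be revoked except by changing the password. Issue a random session identifier that is tracked server-side instead, and set `Secure := True; HttpOnly := True;` inside the `with Response.Cookies.Add do` block; the commit message appears to say secure transport is not handled yet, which would mean this cookie travels in clear text. No check of the caller's current credential is visible before `Edit`/`Post` in this hunk, so if the dispatcher does not enforce one elsewhere, the admin password can be replaced by an unauthenticated POST. The write to `Request.CookieFields.Values['user']` before calling TWebModule1adminAction deserves a comment explaining that it pre-seeds the check for the current request.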