Thanks Tracy, think I can start from the idea you suggested.
Regards,
Fernando
>There are many options to encrypt/decrypt these days. Ideally, you would only store the MD5 hash value of the password in a table. The user would enter a password and you would compare the hash value of what h/she entered to what is stored. If you cannot do that for some reason then I would store the encrypted values in a table and if a key is used, store that in code. You could even do something such as the code below using XorIt (code originated from Hector Correra) and the procedure wordhide even further down:
>
>* description: Encrypts cString with value passed in cMask
>* using Bit XOR operation.
>*
>* Bit XOR operation works like this:
>* XorIt( A, B ) -> C
>* XorIt( C, B ) -> A
>*
>* author: May/2002 - Hector Correa
>* updated:
>*XorIt( "mypassword", "akeytoencrypt" ) -> "someencryptedvalue"
>*XorIt( "someencryptedvalue", "akeytoencrypt" ) -> "mypassword
>
>CLEAR
>*1st time
>lcpassword=""
>lcpassword="x8RockAndRolL1230x9"
>encrypted1=XorIt(lcpassword,'password')
>? "1st try"
>?
>? "Encrypted password: "+encrypted1
>unencrypted1=XorIt(encrypted1,'password')
>? "unencrypted password: "+ unencrypted1
>*2nd time
>lcname=""
>lcname="Tracy C. Holzer"
>encrypted2=XorIt(lcname,'name')
>?
>?"2nd try"
>?
>? "2nd try Encrypted ASCII values:"
>for i=1 to len(encrypted2)
> ?? asc(substr(encrypted2,i,1)),","
>next
>?"Encrypted Name: "+encrypted2
>unencrypted2=XorIt(encrypted2,'name')
>?"Unencrypted name: "+unencrypted2
>unencrypted1=XorIt(encrypted1,'password')
>?"Unencrypted password: "+unencrypted1
>
>Function XorIt( cString, cMask )
>
> if empty( cString )
> return ""
> endif
>
> if empty( cMask )
> return ""
> endif
>
> cRetVal = ""
> nlength = LEN( cString )
> cMask = padr( cMask, nlength, "#" )
>
> FOR i=1 TO nlength
> nChar = ASC( SUBSTR( cString, i, 1 ) )
> nKeyChar = ASC( SUBSTR( cMask, i, 1 ) )
> nNewChar = BITXOR( nChar, nKeyChar )
> cRetVal = cRetVal + CHR( nNewChar )
> NEXT
>
>RETURN cRetVal
>
>We also do something not complicated:
>
>CREATE TABLE u_access (cname c(20), cpass c(30))
>APPEND BLANK
>_xldata=.T.
>CLEAR
>? 'Original Passwword Value=password&120+t|'
>lcval = wordhide('password&120+t|')
>REPLACE cname WITH 'User1'
>REPLACE cpass WITH lcval
>? 'Encrypted value='+lcval
>lnewcval = wordhide(u_access.cpass)
>? 'UnEncrypted Value='+lnewcval
>USE IN u_access
>RETURN
>
>*******************************************
>* Psuedo 16bit data encryption algorithm.
>*
>* Useage: <str1>=wordhide(<str2>)
>* Convert back: <str3>=wordhide(<str1>)
>*
>*******************************************
>*
>PROCEDURE wordhide
>PARAMETER xstr
>
>*--03/18/2003 TCH
>IF UPPER(TYPE('_xldata'))=="U"
> PRIVATE _xldata
> _xldata=.F.
>ENDIF
>
>PRIVATE i,j,ret,xval,temp
>newstr = xstr
>IF _xldata
> newstr = ""
> * Get pairs of characters from the string
> FOR k = 1 TO LEN(xstr) STEP 2
> v3=ASC(SUBSTR(xstr,k+1,1)) + ;
> ASC(SUBSTR(xstr,k,1)) * 256
>
> * Don't encrypt 2 spaces together.
> IF v3=8224
> v4=v3
> ELSE
> v4=messybits(v3)
> ENDIF
> v1 = 0
> v2 = 0
> IF v4 >= 256
> v1 = INT(v4 / 256)
> v4 = v4 - (v1 * 256)
> ENDIF
> v2 = INT(v4)
> newstr=newstr+CHR(v1)+CHR(v2)
> ENDFOR
>ENDIF
>RETURN newstr
>
>*****************************
>PROCEDURE messybits
> *****************************
>
> * This routine takes a 16bit number (0 - 65535), converts it to BINARY and
> * then rearranges the BITS for data encryption.
>
> PARAMETER dword
> PRIVATE _i,_j,retval,_xval,temp
>
> retval = ""
> FOR _j = 15 TO 0 STEP -1
> IF dword >= 2^_j
> retval=retval+"1"
> dword = dword - 2^_j
> ELSE
> retval=retval+"0"
> ENDIF
> ENDFOR
>
> * Move through 16 bits, get every 4th bit and make new binary number
> temp = ""
> FOR _i = 1 TO 4
> FOR _j = 0 TO 3
> temp = temp + SUBSTR(retval,_i+(_j*4),1)
> ENDFOR
> ENDFOR
>
> retval=temp
>
> * Convert the BINARY number back to decimal and, just
> * for fun, flip the BINARY number backwards as we do it.
>
> _xval=0
> FOR _j = 1 TO LEN(retval)
> IF SUBSTR(retval,_j,1) = "1"
> _xval = _xval + 2^(_j-1)
> ENDIF
> ENDFOR
> RETURN _xval
>
