Programming Forums

Programming Forums (http://www.programmingforums.org/forumindex.php)
-   Visual Basic (http://www.programmingforums.org/forum18.html)
-   -   password box (http://www.programmingforums.org/showthread.php?t=7001)

ragenuub Nov 15th, 2005 12:42 PM
password box
 
well im following this guide and this code does not seem to work it keeps giving me error, the guide is telling me to make a password box. some error at the first line..

im following this tutorial http://cuinl.tripod.com/tutorials/f-45.htm

:
Private Sub Form_Load()   
Dim password As String
password = InputBox("Please enter the password")
If (password = "let me in") Or (password = "sam sent me") Then
MsgBox "The password is correct!"
Else
MsgBox "incorrect password!"
End
End If

MBirchmeier Nov 15th, 2005 12:57 PM
Quote:
Originally Posted by ragenuub
well im following this guide and this code does not seem to work it keeps giving me error, the guide is telling me to make a password box. some error at the first line..

im following this tutorial http://cuinl.tripod.com/tutorials/f-45.htm

:
 
Dim password As Integer
...
If (password = "let me in") Or (password = "sam sent me") Then
First off password won't ever end up equaling a string value since it's being dimed as an integer (unless VB does some weird type change I'm not familiar with.)

note:The tutorial code even Dims password as a string :D

-MBirchmeier

ragenuub Nov 15th, 2005 1:04 PM
ahh typo, fixed that but it still does the same thing O.o

it says

"Compile error
expected End Sub"

then marks

Quote:
Private Sub Form_Load()
with yellow

Rory Nov 15th, 2005 1:31 PM
Bear in mind that if this is actually going in for real life use, and is protecting sensitive information, it could be trivially defeated.

If you actually designing this for a public system or something and want this to be secure in any way or robust enough for public exposure, you firstly need to authenticate by comparing hashes rather than values directly (you are opening yourself to memory inspection and disassembly attacks).

Also protect the variable address using the RTL Api (VarPtr) and call SecureZeroMemoryW on it when you are finished (under Windows), as the garbage collection in VB6 is notoriously bad and sometimes doesn't happen. Consult the NTLM reference on MSDN, as it has good documentation on general memory sanitization in VB6.

Alternatively use a language that deals with memory properly, or use an purpose built external authentication system.

ragenuub Nov 15th, 2005 2:47 PM
Quote:
Originally Posted by Rory
Bear in mind that if this is actually going in for real life use, and is protecting sensitive information, it could be trivially defeated.

If you actually designing this for a public system or something and want this to be secure in any way or robust enough for public exposure, you firstly need to authenticate by comparing hashes rather than values directly (you are opening yourself to memory inspection and disassembly attacks).

Also protect the variable address using the RTL Api (VarPtr) and call SecureZeroMemoryW on it when you are finished (under Windows), as the garbage collection in VB6 is notoriously bad and sometimes doesn't happen. Consult the NTLM reference on MSDN, as it has good documentation on general memory sanitization in VB6.

Alternatively use a language that deals with memory properly, or use an purpose built external authentication system.

umm im quit newb i didnt get much of that information O.o, but ill look into it for the future. It's not for any real life use just for fun, thanks tho. so anyone know why it says that error? is the tutorial missing something?

::edit::

figured it out

:
  End
End If
End Sub

had to add that to the end

ivan Nov 15th, 2005 3:46 PM
Hard questions around here... :)


All times are GMT -5. The time now is 11:18 AM.

Powered by vBulletin® Version 3.7.0, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Copyright ©2007 DaniWeb® LLC