Creating a database....?

Okay, so firstly, LUA isn't actually my primary coding language, I am an intermediate at programming in C# as I study it as an A level. However, I love Minecraft and Computercraft is an essential for me!

Recently I created a simple Username and Password login system… the code will be below. I want to know how I can create some sort of database / server link as to allow for people to create their own Users/Passwords. At the moment everything is hard coded… how can I create a server link + encryption?

Note: I have not used rednet before and I know it will require the use of it…. plus I never really bother with the layout when using Computercraft so may be a tad messy :P/>

Here is my code:

os.pullEvent = os.pullEventRaw
term.clear()
term.setCursorPos(12, 5)
term.setTextColor(10)
term.write("Please enter your username:")
term.setCursorPos(14, 6)
term.setTextColor(1)
user = io.read()
userID = 0
while userID < 1 do
term.clearLine()
if user == "MrMark2202" then
userID = 1
term.clearLine()
term.setCursorPos(6, 5)
term.setTextColor(10)
term.write("Welcome Mark. Please enter your password:")
term.setCursorPos(14, 6)
term.clearLine()
term.setTextColor(1)
password = io.read()
elseif user == "ShowKitten" then
userID = 2
term.clearLine()
term.setCursorPos(6, 5)
term.setTextColor(10)
term.write("Welcome Tom. Please enter your password:")
term.setCursorPos(14, 6)
term.setTextColor(1)
term.clearLine()
password = io.read()
elseif user == "debug" then
userID = 3
else
term.setCursorPos(6, 5)
term.clearLine()
term.setTextColor(10)
term.write("Incorrect username, please try again:")
term.setCursorPos(14, 6)
term.setTextColor(1)
term.clearLine()
user = io.read()
term.clearLine()
end
end
i = 4
while i > 1 do
if user == "MrMark2202" and password == "lolpassword" or user == "ShowKitten" and password == "lolpassword2 then
term.clear()
term.setCursorPos(10, 5)
term.setTextColor(3)
term.write("Enjoy your stay.")
redstone.setOutput("back", true)
sleep(1)
os.shutdown()
elseif user == "debug" then
i = 0
else
i = i - 1
term.clearLine()
term.setCursorPos(6, 5)
term.setTextColor(10)
term.write("Incorrect password. Attempts remaining: "..i)
term.setCursorPos(14, 6)
term.clearLine()
term.setTextColor(1)
password = io.read()
end
end
if i == 1 then
term.setCursorPos(6, 5)
term.setTextColor(10)
term.write("Incorrect password, Attempts remaining: 0")
term.setCursorPos(10, 6)
term.write("System shutting down")
sleep(3)
os.shutdown()
elseif i == 0 then
term.setCursorPos(6, 5)
term.setTextColor(10)
term.write("System Overide. Core access granted")
term.clear()
term.setCursorPos(1, 1)
end

The passwords were changed to lolpassword and lolpassword2 for security sake.

Do you mean like a php database or a computer that acts as a server database where computers and check their login(s)?

I mean a computer that acts as a server database, just to store the login information securely… I want the system to allow people to create username's and passwords that have to be authorized by say and Admin account… but I also want everything to be stored in a separate location so it can be encrypted and stored.

Hi, a SQL database is possible in Lua but I don't know much about it. Anyway, what your after is probably a table except the a few (minor) issues with this, that everytime you restart the program is that any data in the table will be refreshed unless it has been written in the program.

MrMark2202, on 28 March 2013 - 08:54 AM said:

I mean a computer that acts as a server database, just to store the login information securely… I want the system to allow people to create username's and passwords that have to be authorized by say and Admin account… but I also want everything to be stored in a separate location so it can be encrypted and stored.

I would use tables, serialise and save to a file. Consider how important the data is, because as far as I know no one has made a good encryption utility (but I haven't looked in to it greatly).

Here is a brief example of what I mean.

--create a table with the data
tData = {
	 username = "JohnSmith",
	 password = "password"
}
--alternatively you can do this
tData = {}
tData['username'] = "JohnSmith"
-- and so on
--to allow saving it you need to serialize it, which essentially converts it to a string and backslashes stuff
sData = textutils.serialize(tData)
--to read the data back in simply do
tData = textutils.unserialize(sData)

I haven't included saving and writing the file, look on the wiki for how to do that. You need to save 'sData' and load to 'sData' for the save and load respectively.

what the hell is an "A level"? o.O

the easiest way to do this is to have a table of all the details that gets saved out to a file (via textutils serialize) and read from the file when loading up (using textutils unserialise). then using the new modem channels have a dedicated channel that the server takes requests from and then process and sends back the response. I suggest a setup something like this (just the basic functions, to get the communication logic have a look at the computercraft wiki)

local tDetails = {}

local function saveAccounts()
  local h = fs.open( '.db/.data', 'w' )
  h.write( textutils.serialize(tDetails) )
  h.close()
end

local function loadAccounts()
  local h = fs.open('.db/.data', 'r' )
  tDetails = textutils.unserialize( h.readLine() )
  h.close()
end

local function newUser( user, pass )
  if tDetails[user] then
	return false, 'Already exists'
  end
  tDetails[user] = pass
  saveAccounts()
end

local function deleteUser( user, pass )
  if not tDetails[user] then
	return false, 'No user with that name'
  end
  if tDetails[user] == pass then
	tDetails[user] = nil -- account gone
	saveAccounts()
  else
	return false, 'Incorrect password'
  end
end

local function validateAccess(user, pass)
  if tDetails[user] and tDetails[user] == pass then
	return true
  else
	return false, 'Incorrect username or password' -- you want to be generic here, they shouldn't be told what is wrong
  end
end

oeed, on 28 March 2013 - 07:48 PM said:

I would use tables, serialise and save to a file. Consider how important the data is, because as far as I know no one has made a good encryption utility (but I haven't looked in to it greatly).

?

Using a php database would be more secure because people can still access the files of the server and open the file with the account names/passwords

remiX, on 28 March 2013 - 09:10 PM said:

oeed, on 28 March 2013 - 07:48 PM said:

I would use tables, serialise and save to a file. Consider how important the data is, because as far as I know no one has made a good encryption utility (but I haven't looked in to it greatly).

?

That isn't encryption… that is hashing. he doesn't mean just secure the password, he means secure all the data in the file. which might I add is fairly useless in an open source environment.

Hash the entire table :P/>

Oh I agree, if you have something secure don't keep it on a ComputerCraft computer. I was under the impression by server he mean another computer.

EDIT: Infact, thats what he did mean…

I mean a computer that acts as a server database, just to store the login information securely… I want the system to allow people to create username's and passwords that have to be authorized by say and Admin account… but I also want everything to be stored in a separate location so it can be encrypted and stored.

So no need for any PHP or SQL.

remiX, on 28 March 2013 - 09:16 PM said:

Hash the entire table :P/>

you could, but what if it is some kind of data that needs to be retrieved and not just compared?

In reality, its not really possible to have any form of half decent hashing/encryption on ComputerCraft at the moment. If you do, it prevents people from taking a quick look. But because it's all 'open source' as such it's impossible. Case closed, cya.

oeed, on 28 March 2013 - 10:11 PM said:

In reality, its not really possible to have any form of half decent hashing/encryption on ComputerCraft at the moment. If you do, it prevents people from taking a quick look. But because it's all 'open source' as such it's impossible. Case closed, cya.

It is possible to have decent hashing on ComputerCraft. and it has been done. http://www.computerc...44-and-sha-256/
It also is possible to have a decent encryption, however a bug in LuaJ is stopping most of the algorithms from being created atm and anyone who attempts it atm is just making simple very bad algorithms.
really the point to both hashing and encryption is to allow the hacker to know everything about it and still not be able to reverse it. this cannot be said about the most the current encryptions on these forums.

Along the lines of that GravityScores SHA256 doesn't match the PHP's SHA256