Gossamer Forum

no encryption of passwords

Is it possible to define in auth.pl that there is no encryption wanted? How should I do it?
Re: no encryption of passwords In reply to
Yes, it's definitely possible.

Look closely at auth.pl and db.cgi to find where the encryption sequences are. My suggestion is to do a search for the word "crypt." I would also suggest that you not delete the lines, but merely place a # in front of them (to make them appear as comment lines). In case you change your mind, it's a whole lot easier to fix.



------------------
JPD
Re: no encryption of passwords In reply to
Thanks for the answer, but it is not working yet:

If I really delete the sentences where I find crypt, I also delete variables such as password.

Can you say exactly what I have to do? If I delete the word crypt in the mentioned files, the result in DEFAULT.PASS is hoi:1~~1:1:1:1:1


--> in auth you find crypt once:
<> (($in{'userid'} eq $userid) && (crypt($in{'pw'}, $pw) eq $pw)) {

==> should become ??: (($in{'userid'} eq $userid) && (($in{'pw'}, $pw) eq $pw)) {


--->in db.cgi twice:

>> $password = crypt($in{'password'}, $salt);
==> should become: $password = ($in{'password'}, $salt);

you also have the variable:
my $encrypted = crypt($in{'password'}, $salt);

==> should become??: my $encrypted = ($in{'password'}, $salt);

If I delete the word crypt in all these sentences it is not working. What do I have to do??
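Why deleting only the word crypt from the lines quoted above does not work, shown as an added example that is not part of the original posts or of DBMan's own code. The contents of %in, the salt 'ab' and the variable names $original, $edited, $stored, $plain_stored and $plain_check are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;   # perl reports "Useless use ... in void context" for cases 2 and 3

# Constructed sample data, not taken from a real DBMan installation.
my %in   = (userid => 'hoi', pw => 'wrong-guess', password => 'secret');
my $salt = 'ab';
my $pw   = crypt('secret', $salt);   # value the password file holds for "hoi"

# 1. Original auth.pl test: hash the submitted password, using the stored
#    value as the salt, and compare the result with the stored hash.
my $original = (crypt($in{'pw'}, $pw) eq $pw) ? 1 : 0;

# 2. The same test with only the word "crypt" deleted. The inner parentheses
#    now hold a comma expression; in scalar context it yields its last
#    element, so the test becomes "$pw eq $pw" and succeeds for ANY
#    submitted password.
my $edited = (($in{'pw'}, $pw) eq $pw) ? 1 : 0;

# 3. The db.cgi line with "crypt" deleted: the scalar receives $salt, not
#    the password, so the salt is what ends up in the password file.
my $stored = ($in{'password'}, $salt);

# 4. A plain-text comparison needs the submitted value on one side and the
#    stored field on the other, with no list involved.
my $plain_stored = $in{'password'};
my $plain_check  = ($in{'pw'} eq $plain_stored) ? 1 : 0;

print "original crypt check, wrong password: $original\n";
print "edited check, wrong password:         $edited\n";
print "value stored by edited db.cgi line:   $stored\n";
print "plain comparison, wrong password:     $plain_check\n";
```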
Re: no encryption of passwords In reply to
Well, I didn't mean that you just delete the lines with the word "crypt." I meant that those were the lines you would edit and some you would delete.

Take a look at my mod for allowing users to look up a lost password. It's at http://www.drizzle.com/~hall/dbmod/lookup.txt

You won't need to use all of it if you just want to remove encryption, but there's some stuff at the bottom of the page that should help you out.


------------------
JPD
Re: no encryption of passwords In reply to
Thanks for your tip to the page mentioned. Although it contains a mistake. When changing the permissions of a user as administrator you'll see that the password is not saved in the password file.

--> here you find the text: and below the correction. Hope that it helps somebody.
change

foreach $line (@lines) {
    if ($line =~ /^$in{'username'}:/) {
        my $password = (split (/:/, $line))[1];
        unless ($password eq $in{'password'}) {
            my @salt_chars = ('A' .. 'Z', 0 .. 9, 'a' .. 'z', '.', '/');
            my $salt = join '', @salt_chars[rand 64, rand 64];
            $password = crypt($in{'password'}, $salt);
        }
        print PASS "$in{'username'}:$password:$in{'per_view'}:$in{'per_add'}:$in{'per_del'}:$in{'per_mod'}:$in{'per_admin'}\n";
        $found = 1;
    }
    else {
        print PASS $line;
    }
}


to

foreach $line (@lines) {
    if ($line =~ /^$in{'username'}:/) {
        print PASS "$in{'username'}:$in{'password'}:$in{'per_view'}:$in{'per_add'}:$in{'per_del'}:$in{'per_mod'}:$in{'per_admin'}:$in{'email'}\n";
        $found = 1;
    }
    else {
        print PASS $line;
    }
}



===> should become

change

foreach $line (@lines) {
    if ($line =~ /^$in{'username'}:/) {
        my $password = (split (/:/, $line))[1];
        unless ($password eq $in{'password'}) {
            my @salt_chars = ('A' .. 'Z', 0 .. 9, 'a' .. 'z', '.', '/');
            my $salt = join '', @salt_chars[rand 64, rand 64];
            $password = crypt($in{'password'}, $salt);
        }
        print PASS "$in{'username'}:$password:$in{'per_view'}:$in{'per_add'}:$in{'per_del'}:$in{'per_mod'}:$in{'per_admin'}\n";
        $found = 1;
    }
    else {
        print PASS $line;
    }
}


to

foreach $line (@lines) {
    if ($line =~ /^$in{'username'}:/) {
        my $password = (split (/:/, $line))[1];
        unless ($password eq $in{'password'}) {
            $password = $in{'password'};
        }

        print PASS "$in{'username'}:$in{'password'}:$in{'per_view'}:$in{'per_add'}:$in{'per_del'}:$in{'per_mod'}:$in{'per_admin'}:$in{'email'}\n";
        $found = 1;
    }
    else {
        print PASS $line;
    }
}
Re: no encryption of passwords In reply to
Thanks for letting me know about the error. (I think someone else mentioned it, too, but I forgot to fix it.)

I'm glad it helped. :)

------------------
JPD