リーダブルパスワード - SQLアンチパターンより抜粋 -



- SQL -

SSS(G) : hiro345 http://www.sssg.org/blogs/hiro345/

Raspberry Pi Zero 600

Java Raspberry Pi Python ...Linux

SQL

O'Reilly Japan, Inc.

Bill Karwin 201301

DBSQL1125

.... http://bit.ly/1RbngWV


DB


-- Antipattern under discussion: the password column holds the password itself
-- as readable text, so anyone who can read this table (or a dump or backup of
-- it) can read every user's password.
CREATE TABLE USER_INFO (
    id       SERIAL       PRIMARY KEY,
    email    VARCHAR(100) NOT NULL,
    password VARCHAR(30)  NOT NULL
);

-- Sample row for the readable-password design: the password value is written
-- to the table exactly as typed.
INSERT INTO USER_INFO
    (id, email, password)
VALUES
    (1, '[email protected]', 'secret');

-- Compares the stored password of user 1 with the supplied value and reports
-- the outcome as password_matches: 1 on a match, 0 otherwise.
-- The supplied password is part of the statement text, so it can end up in
-- statement logs on the database side.
SELECT
    CASE password
        WHEN 'secret' THEN 1
        ELSE 0
    END AS password_matches
FROM USER_INFO
WHERE id = 1;

-- Finds the user and checks the password in a single predicate. An empty
-- result does not say whether the id is unknown or the password is wrong.
-- SELECT * also returns the stored password column to the caller.
SELECT *
FROM USER_INFO
WHERE password = 'secret'
  AND id = 1;

-- Reads the account row for user 1, including the password exactly as stored.
-- With the readable-password table this hands the plaintext password to
-- whatever issued the query.
SELECT
    id,
    email,
    password
FROM USER_INFO
WHERE id = 1;

From: [email protected]: [email protected]:

[email protected]:1secret

Identification Authentication Identification

Authentication

SHA-256 cryptographic hash function

SHA-1 MD5

SSL MySQL SHA-256

-- Table that keeps a SHA-256 digest in place of the password.
-- CHAR(64) matches the 64 hexadecimal characters returned by SHA2(..., 256).
-- NOTE(review): an unsalted digest from a fast general-purpose hash is still
-- exposed to precomputed-table lookups and high-rate guessing if the table
-- leaks. The usual hardening is a per-user salt and a dedicated
-- password-hashing function (bcrypt, scrypt, Argon2 or PBKDF2).
CREATE TABLE USER_INFO (
    id            SERIAL       PRIMARY KEY,
    email         VARCHAR(100) NOT NULL,
    password_hash CHAR(64)     NOT NULL
);

-- Stores the SHA-256 digest of the password rather than the password.
-- The plaintext still appears inside the statement sent to the server, where
-- it can be captured by statement logs or read off an unencrypted connection.
-- Computing the digest in the application and sending only the digest avoids that.
INSERT INTO USER_INFO
    (id, email, password_hash)
VALUES
    (1, '[email protected]', SHA2('secret', 256));

-- Hashes the supplied password with SHA-256 and compares the digest with the
-- one stored for user 1; password_matches is 1 on a match, 0 otherwise.
-- The supplied password is still plaintext inside the statement text.
SELECT
    CASE password_hash
        WHEN SHA2('secret', 256) THEN 1
        ELSE 0
    END AS password_matches
FROM USER_INFO
WHERE id = 1;

password_hash

noaccess ... 16

SHA2( CONCAT('secret', 'hhp70tR7096qGTA2H1kG'), 256)

hhp70tR7096qGTA2H1kG Python Web

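# Generate a 20-character alphanumeric salt.
# random.SystemRandom draws from the operating system's CSPRNG (os.urandom).
# The module-level random.choice uses the Mersenne Twister, which the Python
# documentation says must not be used for security purposes.
# print(...) with a single argument behaves the same on Python 2 and Python 3.
# Generate a fresh salt for each account and store it next to that account's hash.
$ python -c '
> import string, random
> rng = random.SystemRandom()
> alphabet = string.ascii_uppercase + string.ascii_lowercase + string.digits
> print("".join(rng.choice(alphabet) for x in range(20)))
> '
# Sample output (differs on every run):
hhp70tR7096qGTA2H1kG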

SQL