If you can't read please download the document
Upload
hiro345
View
3.678
Download
5
Embed Size (px)
Citation preview
- SQL -
SSS(G) : hiro345http://www.sssg.org/blogs/hiro345/
Raspberry Pi Zero 600
Java Raspberry Pi Python ...Linux
SQL
O'Reilly Japan, Inc.
Bill Karwin 201301
DBSQL1125
.... http://bit.ly/1RbngWV
DB
CREATE TABLE USER_INFO( id SERIAL PRIMARY KEY, email VARCHAR(100) NOT NULL, password VARCHAR(30) NOT NULL);
INSERT INTO USER_INFO (id, email, password) VALUES (1, '[email protected]', 'secret');
SELECT CASE WHEN password = 'secret' THEN 1 ELSE 0 END AS password_matches FROM USER_INFO WHERE id = 1;
SELECT * FROM USER_INFO WHERE id = 1 AND password = 'secret';
SELECT id, email, password FROM USER_INFO WHERE id = 1;
From: [email protected]: [email protected]:
[email protected]:1secret
IdentificationAuthenticationIdentification
Authentication
SHA-256cryptographic hash function
SHA-1MD5
SSLMySQLSHA-256
CREATE TABLE USER_INFO( id SERIAL PRIMARY KEY, email VARCHAR(100) NOT NULL, password_hash CHAR(64) NOT NULL);
INSERT INTO USER_INFO (id, email, password_hash) VALUES (1, '[email protected]', SHA2('secret', 256));
SELECT CASE WHEN password_hash = SHA2('secret', 256) THEN 1 ELSE 0 END AS password_matches FROM USER_INFO WHERE id = 1;
password_hash
noaccess ... 16
SHA2( CONCAT('secret', 'hhp70tR7096qGTA2H1kG'), 256)hhp70tR7096qGTA2H1kGPythonWeb
$ python -c '> import string,random;> print "".join(>
[random.choice(string.ascii_uppercase + string.ascii_lowercase +
string.digits) > for x in range(20)]> )'
hhp70tR7096qGTA2H1kG
SQL