ad_check_password

one of the documented procedures in this installation of the ACS

Usage:

ad_check_password db user_id password_from_form

What it does:

Returns 1 if the password is correct for the given user ID.

Defined in: /web/philip/packages/acs-core/security-procs.tcl

Source code:


    set selection [ns_db 0or1row $db "
        select password
        from users
        where user_id = $user_id
        and user_state='authorized'
    "]

    if {$selection == ""} {
	return 0
    }

    set_variables_after_query

    # If we are encrypting passwords in the database, convert so we can compare
    if  [ad_parameter EncryptPasswordsInDBP "" 0] { 
	set password_from_form [ns_crypt $password_from_form [ad_crypt_salt]]
    }

    if { [string compare [string toupper $password_from_form] [string toupper $password]] } {
	return 0
    }

    return 1

philg@mit.edu