http://www.perlmonks.org?node_id=986668

Velli has asked for the wisdom of the Perl Monks concerning the following question:

Ok, so I have an idea to build a program that is like a time card system in perl. The problem I am facing right now is the password piece of the puzzle. I want to ask a user for a password, if he does not have one then the user creates a password that is specific to them. I want to store that password in a hash. So let's say: my %pword = (Rich => '', Broke => '',); Both Rich and Broke have no passwords, so when they create one, I want to store that input into the key's missing value. I thought about reversing the hash so it can be done, but now I look for other solutions because maybe it will be more complicated. I just want to get that value with the current key, and I found trouble on how to use the user's username to look up the key, and store that password in their value. Any help would be much appreciated. Thank you.

Replies are listed 'Best First'.
Re: Password with hashes
by kcott (Archbishop) on Aug 10, 2012 at 07:27 UTC

    As you're dealing with passwords, I hope you've considered the security implications. If not, please do so.

    A little more code than my %pword = (Rich => '', Broke => '',); would have been useful. I'm not sure why you'd consider reversing the hash. You haven't described what problem you're encountering using a username as a key. Here's a few code snippets that might prove helpful:

    exists $pword{$username}
    Returns TRUE if $username is a key in %pword, FALSE otherwise. See exists.
    length $pword{$username}
    Returns TRUE if a password has been set (i.e. not the original zero-length value of ''), FALSE otherwise. See length.
    $pword{$username}
    Returns the current password for $username.
    $pword{$username} = $password
    Sets a new password for $username.

    If you're having fundamental problems with how to handle hashes, take a look at perldata.

    -- Ken

      I'm not sure why you'd consider reversing the hash.
      Having seen people suggest similar things in the past, my assumption is that the reason for this is so that users can log in using only their password. Which is a thoroughly ill-conceived and insecure way of doing things. So, OP, if that was your intention, please don't do that.

        ++ While I don't recall seeing that usage myself, I completely agree with: ill-conceived, insecure and don't do it.

        -- Ken

Re: Password with hashes
by rohit_raghu (Acolyte) on Aug 10, 2012 at 06:49 UTC
    Do you just want to edit the value for a given key? If so,
    #assume $usr stores current user name print "Enter password:"; my $pass=<STDIN>; chomp($pass); $pword{$usr}=$pass;
    Is this what you're looking for? If not can you elaborate?
    Rohit Raghunathan
Re: Password with hashes
by mendeepak (Scribe) on Aug 10, 2012 at 07:16 UTC

    if you just want to add the value for key, you can do it like this <code> $pword{Rich}="yourpassword"; <code>

    *=*=*dEEPAk*=*=*
Re: Password with hashes
by aitap (Curate) on Aug 10, 2012 at 07:35 UTC
    Use exists to determine whether there is a key in the hash:
    exists $pword{$username} || $pword{$username}=&ask_the_user();
    Sorry if my advice was wrong.
Re: Password with hashes
by I_love_perl (Novice) on Aug 10, 2012 at 15:26 UTC
    Hi,

    If you already have the user name in the hash (i.e as key) then you can check whether it actually holds any value in it by:

    if ($hash{"user_name} =~ /^\s*$/) { # Logic goes here to insert a password $hash{"user_name} = $password; }

    Note that the above logic is written based on the assumption that the password cannot be just space characters and also no need to insert a password to an user who already has a password.