authentication dos clipper

Change Clipper code to bypass authentication of an old program


Hi, a friend of mine asked me to recover a password of a program written in Clipper back in 1994. I got myself a decompiler (Valkyrie 5) and decompiled the EXE file. I located a procedure called USERLOGIN. The problem is that I don't know how to program in Clipper. I would be very thankful if someone could edit the procedure so it won't ask for authentication anymore.

#include "common.ch"
#include "inkey.ch"

********************************
Function USERLOGON

   Local Local1:= -1, Local2:= .F., Local3, Local4, Local5:= 3, ;
      Local6:= 3, Local7:= 7, Local8:= 41, Local9, Local10, Local11, ;
      Local12, Local13, Local14, Local15
   Local3:= 1
   Local9:= {}
   Local13:= setcursor()
   If (!netuse(diskname() + ":" + dirname() + "\" + "sinusr.dbf", ;
         "users"))
      Return Local1
   EndIf
   dbSetFilter({ || users->valid })
   Local14:= box(Local5, Local6, Local7, Local8, Nil, ;
      coltonum("GR+/B"))
   Do While (!Local2)
      Local10:= Space(12)
      Local11:= Space(10)
      setcursor(1)
      If (!Empty(n_shellver()))
         Local10:= padr(nnetwhoami(), 12)
      EndIf
      wininfo(Local14, @Local5, @Local6, @Local7, @Local8)
      @ Local5 + 1, Local6 + 5 Say "User............." Color "GR+/B"
      SetPos(Row(), Col() + 1)
      AAdd(Local9, __Get({ |_1| IIf(ISNIL(_1), Local10, Local10:= ;
         _1) }, "cUName", "@K!", Nil, Nil):display())
      @ Local5 + 2, Local6 + 5 Say "Password........." Color "GR+/B"
      SetPos(Row(), Col() + 1)
      AAdd(Local9, __Get({ |_1| IIf(ISNIL(_1), Local11, Local11:= ;
         _1) }, "cUPass", "@K!", Nil, Nil):display())
      Local9[2]:reader({ |_1| gt_grpassw(_1) })
      wreadmodal(Local9, 0)
      Local11:= Local9[2]:cargo()
      Local9:= {}
      If (LastKey() == K_ESC .OR. !winisinuse(Local14))
         If (winisinuse(Local14))
            winclose(Local14)
         EndIf
         Return Local1
      EndIf
      Local10:= alltrim(Local10)
      Local12:= {}
      Locate For Local10 == alltrim(users->emri)
      Do While (Found())
         AAdd(Local12, users->id)
         Continue
      EndDo
      For Local4:= 1 To Len(Local12)
         If ((Local15:= upass(Local12[Local4])) != Nil)
            If (alltrim(Local11) == Local15)
               Local2:= .T.
               Exit
            EndIf
         EndIf
      Next
   EndDo
   If (users->id != Local12[Local4])
      users->(dbGoTop())
      Locate For Local12[Local4] == users->id
      If (!Found())
         msg("Fatal error in user's file !", 3)
         Return -1
      EndIf
   EndIf
   For Local4:= 1 To MaxCol()
      winchgpos(0, 3)
   Next
   boxc(Local14)
   setcursor(Local13)
   If (users->in)
      tone(500, 10)
      Local4:= al_box("User " + Trim(users->emri) + ;
         " is already IN;" + "Do You Want to Jump In ?", 2, ;
         {" Yes ", " No  "}, 2, "WARNING")
      If (Local4 == 1)
         msg("More than One User with the same Name might cause Trouble !", ;
            3)
      Else
         Close
         Return -1
      EndIf
   ElseIf (netrlock())
      Replace users->in With .T.
      Unlock
      dbcommit()
   Else
      Close
      Return -1
   EndIf
   Static148[1]:= users->id
   Static148[2]:= alltrim(users->emri)
   Static148[3]:= alltrim(users->dirpriv)
   Static148[4]:= users->gjuha1
   Static148[5]:= users->gjuha2
   Static148[6]:= alltrim(users->emriiplote)
   Local1:= Static148[1]
   Close
   Return Local1

* EOF

Solution

  • This is partially guesswork, but here's my interpretation:

    Read the user's password from the console into Local9[2]:

    @ Local5 + 2, Local6 + 5 Say "Password........." Color "GR+/B"
    ...
    Local9[2]:reader({ |_1| gt_grpassw(_1) })
    wreadmodal(Local9, 0)
    

    Put the password into Local11:

    Local11:= Local9[2]:cargo()
    

    Fetch all user ids into Local12 via Local10:

    Locate For Local10 == alltrim(users->emri)
    Do While (Found())
        AAdd(Local12, users->id)
        Continue
    EndDo
    

    Get each user's password into Local15, and if the password's present and matches the password in Local11, verify the user:

    For Local4:= 1 To Len(Local12)
        If ((Local15:= upass(Local12[Local4])) != Nil)
            If (alltrim(Local11) == Local15)
                Local2:= .T.
                Exit
            EndIf
        EndIf
    Next
    

    The fix

    Just remove the password check code. Not being certain about the purpose of all the rest of the code, I'd recommend leaving it alone. I've preserved the retrieval of the user's password, as maybe there's a good reason not to log in a user who has no password at all (perhaps that's how an account is disabled). The last block above could be changed to this:

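    For Local4:= 1 To Len(Local12)
        If ((Local15:= upass(Local12[Local4])) != Nil)
            Local2:= .T.
            // Keep the Exit from the original loop: Local4 must stay on this
            // user's index, because Local12[Local4] is read after the loop.
            Exit
        EndIf
    Next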