I don't personally suggest the method you are inquiring about.... most password systems as of late, have been using an MD5 (or some other algorithm) to "Hash" the password. Just a little defination here, a Hash is a string that can NOT be decrypted. It's gone through some crazy algorithms that make the string permanently encrypted. Under normal circumstances, this doesn't seem like a very good plan huh? What we do next, though, is when we want to see if the password is correct, is we use the exact same algorithm to Hash what the user types in for the password, and compare the two Hashes with each other. Naturally, if both Hashes are identical, then the password must clearly be the same too. This increases the workload of a password cracker significantly, and adds countless more attempts to a bruteforce attack.

There are pretty good encryption algorithms out there that are pretty darn secure, and at the same time, are decryptable (such as blowfish and triple des) and most of these require a key pair, that gets generated, and only the partner key of something encrypted can decrypt it.

If you aren't THAT worried about security, and only want to keep prying eyes from seeing the password in plain text, then you could do something as simple as an XOR encryption, which is nothing more than an exclusive OR of bits.

Ok, This code was taken from http://www.frez.co.uk/freecode.htm#md5 . You can use the class module to instantiate an instance and use the md5 call of it. Like so:

Dim oMD5 As CMD5
Set oMD5 = New CMD5
Hash  = oMD5.MD5("Your Password Here")

Attached is the test project appended to the site I previously mentioned.

Hi Iafia,

If all you want to do is shift the letters three steps you can easily do that by taking the ASCII value of each letter add three to it and then convert it back to a character, i.e.

Dim Password As String
Dim i As Integer
Dim Return As String

Return = ""
For i = 1 To Len(Password)
   Return = Return & Chr(Asc(Mid(Password, i, 1)) + 3)
Next

This will work for all text input as long as you don't use the last three characters of the standard 256 ASCII character set, which I sincerely doubt will be used since they are special characters.

Hope this helps

Happy coding

Yomet

You never clear the results variable. The results variable always gets added to, because results = results & Chr(Asc(Mid(Password, i, 1)) + 3), which means, results is equal to results and the return of these nested functions, every time it's called (I'm not going to go into variable scope here). When the button is clicked, you need to have it set results = "" before the for loop.

A few pointers and critique here (if you are one of those people who can't stand criticism, stop reading, your answer is above).

Point 1
Indent Your Code
I know that on small projects, it's no big deal... but when you get into larger bigger projects, if you don't indent your code for clarity, YOU WILL get lost in it. Indenting is a necessary part of programming and debugging, and regardless of project size, should still be adhered to. Ideally, The code should be:

For i = 1 To Len(Password)
    Result = Result & Chr(Asc(Mid(Password, i, 1)) + 3)
Next

If Text1.Text = "" Then
     MsgBox "Please key in your password"
Else
     Text2.Text = Result
End If

Point 2
Code Placement
You test if the textbox is empty, After you perform the operation on the textbox...(you encrypt the data in the textbox, AND THEN, you test if it's empty or not...You should test it first, because even though the for loop doesn't care if the textbox is empty, if it was different scenario, where it wrote it to a database or used it in some other means, you could encounter some problems.

Point 3
vbnullstring
You'll make your VB code run a LOT faster by replacing "" with vbnullstring where applicable. "" is still considered a sting (an empty string), where vbnullstring is a special character. 1 or 2 times probably won't make a difference, but again, on big applications you can see some serious speed increase on timestamps of running code if you make this minor adjustment, and stick to it now. It operates the same for the most part, with the exception that it's a lot faster. I don't always do it, but it's something that's really good to know and a practice that's really good to be in.

Iafa,

The answer to your problem is quite simple, even if not obvious. You declared all your variables in the beginning of the module. This means that they will retain their value for the whole run of the program, therefore, when you encrypt a new password the variable Result already contain the current encrypted password and hence the new password is appended.

You should take the habit of having as few public variables as possible in your programs, using parameters to pass values to functions and subs or letting each sub in a form read the values from the controls instead. This makes for better code, easier debugging (since you don't have to worry about what has been done to the vaiable somewhere else) and more variables available (since you can use the same names is different subs).

So your solutions are the following:
1) Move the variable declarations inside the Click event handler, i.e.

Private Sub Command1_Click()
   Dim Password As String
   Dim i As Integer
   Dim Result As String
....

2) Reset the value of Result each time, i.e.

...
Result = ""
For i = 1 To Len(Password)
...

I strongly suggest the first for the reasons stated above but the second option will work as well.

Happy coding

Yomet

In truth I agree with Yomet on this.... I didn't want to delve into variable scope, because some people have a real hard time understanding scope... the best solution is to put the variables in the proper scope.

Hi Comatose,

Thanks for the pointer about vbNullString, I had no idea that it would speed the application and will start using it immediately.

As for your other comments I could not agree more to what you are saying.

Thx

Yomet

Iafa,

Could you please repost your project since I keep getting the error:
File not found: "\testing\save.frm"

It seems you made some changes to the names in your "testing" project and then didn't update the MCW_Main project you attached.

I want to help you but I cannot continue without the updated project. A little hint, move your "Save.frm" from testing to MCW_Main it will make it easier for you to include it and for us to follow since there's only one directory concered.

As for your problem, I had a hunch but it proved wrong, please help me help you.

Thx

Yomet

Iaifa,

Sorry for the late reply but my HD died on Fri night and then my Motherboard fried last night.... :(

Good to hear that you made some progress on the project it seems to be doing the encryption well now, at least I didn't get any of the errors you specified in your previous postings, i.e. "Syntax error in query" and "Object variable not set" so I assume that you have corrected these two problems. If not just say so.

Now for the three current questions:

How to search the database:
Add a button to your OrderDetails form and paste the following code into the event procedure

adoOrders.CommandType = adCmdText
    adoOrders.RecordSource = "SELECT * FROM OrderDetails WHERE [Order No] = 'MCW0003'"
    adoOrders.Refresh

As you can see you set the type of command that the ado uses to be of text type, you then set the actual query statement you want and last do a refresh. The only thing you need now is a text box for entering the order number and you're set.

How to display a list of all orders:
I would create a form with a list box with as many comlumns as you need and then loop through the recordset to populate the listbox. Remember that you don't need to use the data control if you just declare a recordset type variable, i.e.

Private Sub PopulateListbox()
    Dim conn As Connection
    Dim rs As Recordset
    
    Set conn = New ADODB.Connection
    conn.Provider = "Microsoft.Jet.OLEDB.4.0;"
    conn.ConnectionString = App.Path & "\MCW2002.mdb"
    conn.Open
    Set rs = New ADODB.Recordset
    rs.Open "SELECT * FROM OrderDetails", conn
    While Not rs.EOF
        'Populate your listbox here
        rs.MoveNext
    Wend
    rs.Close
    Set rs = Nothing
    conn.Close
    Set conn = Nothing
End Sub

Sure coding everything and using variables instead of controls makes for more typing, however, (and this is a BIG however) it gives you total control over when and how recordsets open, close and refresh. This is VERY important when you start dealing with many recordsets at once. For example a form with 10 Data controls on tables of a few thousand records each will be slow to load (it has to populate all the controls at load time) whereas a form using variables will load immediately, unless you load all the variables in the Form_Open sub, and then you can deal with the recordsets after.
Another thing here is to make sure you close and release (Set rs = Nothing) the recordsets and connections when you are done with them, I trust no language to do the memory cleaning if I can do it myself.

Encrypting order numbers and quantites:
Sure you can encrypt these details, just use the same method as for encrypting the passwords. I am just wondering why you would like to encrypt these details but that's part of your decision making.

Hope these answers help and

Happy coding

Yomet