?

Log in

No account? Create an account
okay.. this is probably one of the more stupid questions ever posted… - LiveJournal Client Discussions — LiveJournal [entries|archive|friends|userinfo]
LiveJournal Client Discussions

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

[Jun. 12th, 2002|05:20 pm]
LiveJournal Client Discussions

lj_clients
[taezou]
okay.. this is probably one of the more stupid questions ever posted here (and even then i'm not sure if this is the right place to ask!) but..
well i guess there is something in the protocol that i don't understand. i'm just starting with a client, and i cannot even figure out how to login properly!
if i send: 
mode=login&user=test&password=test
like the protocol page says, everything works fine! however, if i replace the username and password with a 'real' one (ie. mine) it says "invalid password" ... i've tried this with multiple people's accounts and it never works. i -have- to be missing something here, and i'll probably feel stupid when someone what's wrong but... what AM i doing incorrectly?
linkReply

Comments:
[User Picture]From: sol3
2002-06-12 03:23 pm (UTC)
If you have any odd characters in your password, e.g. a + or an & or some such, it may not be going through proplery, so you may need to url-encode your password before sending it up.

--Dg
(Reply) (Thread)
[User Picture]From: youngoat
2002-06-12 03:28 pm (UTC)

Content-length

Are you forgetting to change "Content-length: 34" to give the actual length of the request?
(Reply) (Thread)
From: taezou
2002-06-12 03:31 pm (UTC)

hahaha.

i knew i'd feel stupid when i got the answer. :) that's exactly what i was doing wrong :(
thanks
(Reply) (Parent) (Thread)
(Deleted comment)
[User Picture]From: xb95
2002-06-12 04:52 pm (UTC)

Re: hahaha.

The MD5 hash has to be LOWERCASE. This tripped me up for so long. G'luck.
(Reply) (Parent) (Thread)
[User Picture]From: drbrain
2002-06-19 08:41 pm (UTC)

MD5 passwords

Even still, MD5 passwords don't offer much more security. The only real benefit is that nobody can come to LJ, drop in your password, and change your styles. It still comes across a packetsniffer thusly: mode=login&username=test&hpassword=... it'd be nice to have true digest authentication for the truly paranoid.
(Reply) (Parent) (Thread)
[User Picture]From: mart
2002-06-20 07:10 am (UTC)

Re: MD5 passwords

Actually, since the LJ site itself uses MD5 hashed passwords in lots of places (think editstyle_do.bml when it resubmits to itself), having an MD5 hash isn't much better!

(Reply) (Parent) (Thread)
[User Picture]From: mart
2002-06-20 07:11 am (UTC)

Re: MD5 passwords

Uuuh, that would be /styles/edit_do.bml these days. Heh.

(Reply) (Parent) (Thread)