password displaying in debug mode

Hi Lalit,

Naturally the debugger shows the value of a password field.
For Uniface it is a field like all other fields.

It sounds like you also store passwords without encrypting them.
That is a really dangerous thing to do.
Have a look at $encrypt and $decrypt to see how you can store encrypted passwords in the database etc.
Then you also will only see encrypted values in the debugger.

Hi lalit,

think you talk about the return of the $password function.

Unfortunately, the debugger evaluates functions in the same way as as the normal code will do.

If you are not talking about the $password function but a variable containing a password:

The debugger just displays the content of some area in memory and does not care about security.
But here you can decide to use encrypted passwords internally (but have a decrypt function at hand).

So the very best way is to stop people using the debugger in producton environments:

- compile with /nodebug
- rename the debugger executable

Uli

So Lalit,
Is your problem that you don't want end users to debug the application?
Or are you trying to hide the users password for the developer?
Or ...??

I was looking for encrypting the password in debug mode ..meaning the user should see some stars or junk value ..

Password should not be treated like normal variable where we can evaluate the value at run time

Still don't understand "encrypting password in debug mode"

actually i was under the impression that while debugging we can mask the password , as at present when I try to evaluate the variable which stores password .

It shows the exact  password

There is no functionality in Uniface to mask the value of a variable in the debugger.

oh ok thanks for the help