<%
const TBL_LOGIN  = "users_table_name"
const FLD_PASS  = "password_field_name"
const DB_NAME   = "db_name"

Dim dbconnection
Set dbConnection = server.CreateObject("ADODB.Connection")

Dim strConnection
strConnection = "PROVIDER=Microsoft.Jet.OLEDB.4.0;" & _
"Data Source=" & Server.MapPath(DB_NAME)

dbConnection.ConnectionString = strConnection
dbConnection.Open

Dim RecordSet
Set RecordSet = server.CreateObject("ADODB.Recordset")

Dim SQL
SQL = "SELECT * FROM " & TBL_LOGIN

RecordSet.open SQL , dbConnection,1,2

total=0
enc=0
doencrypt=false

if Request("do")="encrypt" then doencrypt=true

do  until RecordSet.eof
  if doencrypt then
    total=total+1
 
    if not encrypted(RecordSet(FLD_PASS)) then
      RecordSet(FLD_PASS)=md5(RecordSet(FLD_PASS))
      RecordSet.Update
    end if
 
    enc=enc+1
 
else
  total=total+1
  if encrypted(RecordSet(FLD_PASS)) then
    enc=enc+1
  end if
 
  RecordSet.MoveNext
loop

Recordset.Close
Set Recordset=Nothing
dbconnection.Close
Set dbconnection=Nothing

function encrypted(str)
if len(str)<>32 then
  encrypted=false
  exit function
 end if
 
 dim i
 for i=1 to 32
   c = asc(mid(str,i,1))
   if (c<asc("0") and c>asc("9")) and (c<asc("a") or c>asc("f")) then
     encrypted=false
     exit function
  end if
 next

  encrypted=true

end function
%>

<html>
<head><title>Encrypt passwords</title></head>
<body>
Total passwords in the table - <%=total %><br>
<% if enc=total and total>0 then %>
All passwords are encrypted.
<% elseif total>0 then %>
Unencrypted - <%=(total-enc)%><br><br>
Click "GO" to encrypt <%=(total-enc) %> passwords.<br>
WARNING! There will be no way to decipher the passwords.<br>
<input type=button value="GO" onclick="window.location='encrypt.asp?do=encrypt';">
<% end if %>
</body>
</html>

discuss this topic to forum