go stack URL question

Mark Schonewille m.schonewille at economy-x-talk.com
Wed Oct 2 12:15:07 CEST 2013


Hi JBV,

Sure, you can encrypt the stack and decrypt it when your standalone 
downloads the stack. You might want to avoid decrypting and opening very 
large remote files.

This code is a bit verbose. You could write a separate function to check 
the result to make the code a little shorter.

Your standalone only needs the decStack handler. Note that anyone who 
manages to access your code can see the key and may download and decrypt 
your file and have a look at it with a copy of LiveCode. Keeping keys 
and passwords in programming code is never save.

// encrypt stack and save to hard disk
// upload your hard disk manually with an
// ftp application
on encStack
   answer file "Select stack..."
   if it is not empty then
     put url ("binfile:" & it) into myStack
     put the result into rslt
     if rslt is not empty then
       beep
       answer error rslt
     else
       set the itemDel to "."
       put item 1 to -2 of it & "enc.gz" into myName
       ask file "Save as..." with myName
       if it is not empty then
         put it into myPath
         put encKey() into myKey
         encrypt myStack using "blowfish" with myKey
         put the result into rslt
         if rslt is not empty then
           beep
           answer error rslt
         else
           put compress(myStack) into url ("binfile:" & myPath)
           put the result into rslt
           if rslt is not empty then
             beep
             answer error rslt
           else
             set the clipboardData["text"] to myKey
             beep
             answer "The key has been copied to the clipboard. Use this 
key in the decStack handler" with "OK"
           end if
         end if
       end if
     end if
   end if
end encStack

// function used by encStack
// to create a key
function encKey
   repeat until length(myKey) is 128
     put numToChar(random(255)) after myKey
     if last char of myKey is in (return & linefeed) then
       delete last char of myKey
     end if
   end repeat
   return myKey
end encKey

// use this handler in your standalone
// to decrypt and open your stack
on decStack
   put "ReplaceThisWithYourKey" into myKey
   put "http://www.mydomain.com/data/mystack.enc.gz" into myUrl
   put url myUrl into myStack
   put the result into rslt
   if rslt is not empty then
     beep
     answer error rslt
   else
     put decompress(myStack) into myStack
     put the result into rslt
     if rslt is not empty then
       beep
       answer error rslt
     else
       decrypt myStack using "blowfish" with myKey
       put the result into rslt
       if rslt is not empty then
         beep
         answer error rslt
       else
         go stack myStack
         put the result into rslt
         if rslt is not empty then
           beep
           answer error rslt
         end if
       end if
     end if
   end if
end decStack

--
Best regards,

Mark Schonewille

Economy-x-Talk Consulting and Software Engineering
Homepage: http://economy-x-talk.com
Twitter: http://twitter.com/xtalkprogrammer
KvK: 50277553

Use Color Converter to convert CMYK, RGB, RAL, XYZ, H.Lab and other 
colour spaces. http://www.color-converter.com

Buy my new book "Programming LiveCode for the Real Beginner" 
http://qery.us/3fi

Fill out this survey please
http://livecodebeginner.economy-x-talk.com/survey/

On 10/2/2013 11:26, jbv at souslelogo.com wrote:
> Hi list,
>
> Let's say you have a standalone that you distribute to your clients,
> and that standalone consists only in a splashscreen with login/pwd
> fields.
> Depending on the login/pwd entered a
> "go stack URL "http://www.mydomain.com/data/mystack.rev" is then
> executed.
> Is there a way to somehow encrypt the stack on the remote server so
> that its content can't be viewed with some sniffer, but have the stack
> executing on the client pc without having to do anything ?
>
> Thanks
> jbv
>



More information about the use-livecode mailing list