Andrew Odri

There are 2 comments

UPDATE: You can either encode or decode a Dreamweaver password using the form in this post.

I came across a little undocumented behaviour in the Dreamweaver API the other day. The Site.importSite() function (which will import a site from a Dreamweaver site definition file, or *.ste) expects the pw attribute of the remoteinfo element to be encoded… but as what?

Well it turns out each character has to be encoded as a hexadecimal code point, then you have to add  the characters position in the string to this number. For example, lets take the string AAA. The character A has a hex code point of 41. So AAA could look like 414141. Now if we add the characters position in the string to its hex code point, we get 414243. Not too hard, but not exactly obvious either.

In order to dynamically build an *.ste file from Dreamweaver that takes a user defined password, I wrote a little javascript function that will encode a Dreamweaver password:

function encodePassword(input)
    var top = 0;
    var output = '';

    for(var i = 0; i < input.length; i++){
        var currentChar = input.charCodeAt(i);
        if(currentChar < 0 || currentChar > 0xFFFF){return(false);}
        if(top != 0){
            if(0xDC00 <= currentChar && currentChar <= 0xDFFF){
                output += dec2hex(0x10000 + ((top - 0xD800) << 10) + (currentChar - 0xDC00) + i) + '';
                top = 0;
                // Insert alert for below failure
        if(0xD800 <= currentChar && currentChar <= 0xDBFF){top = currentChar;}
        else{output += dec2hex(currentChar + i) + '';}


function dec2hex(input){return(input+0).toString(16).toUpperCase();}

Problem solved! Hope that helps someone else out there too…

UPDATE: I have a password decoder available in javascript too…

function decodePassword(input)
    var output = "";

    if(input.length == 0){return("");}

    for(var i = 0; i < input.length / 2; i++){
        var currentHex = parseInt(input.substr(i * 2, 2), 16);
            if(currentHex <= 0xFFFF){
                output += String.fromCharCode(currentHex - i);
            }else if(currentHex <= 0x10FFFF){
                currentHex -= 0x10000
                output += String.fromCharCode(0xD800 | (currentHex >> 10)) + String.fromCharCode(0xDC00 | (currentHex & 0x3FF) - i);
                //Insert alert for below failure


by Rick

That’s brilliant. I’ve built an app that let’s me more quickly and easily reconfig my WAMP workstation after a re-install, and more generally to centralize information that is used in Dreamweaver and FileZilla so that I may generate XML configuration documents for these programs from the same source of data, stored in a database. When I wrote the class for producing site.ste XML and tested it, I discovered the password encoding problem. Dreamweaver was loading configuration data just fine from the generated XML, but I kept getting login errors over SFTP/FTP. Now I’m stuck until I find a way to encode a plain text password in accordance with Dreamweaver CS3’s algorithm using PHP. I almost have it, but something is wrong…

function dreamweaver_pw_encrypt($pw) {
$out = “”;
$i = 0;
for ($i = 0; $i < strlen($pw); $i++) {
$out .= sprintf(“%02x”, ord($pw{$i}));
return $out;

Leave a Response

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>