SA-MP Forums Archive
Trying to make an UCP - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Server (https://sampforum.blast.hk/forumdisplay.php?fid=6)
+--- Forum: Server Support (https://sampforum.blast.hk/forumdisplay.php?fid=19)
+--- Thread: Trying to make an UCP (/showthread.php?tid=406052)


Trying to make an UCP - A7X_CEEJAY - 08.01.2013

I'm trying to make an UCP, however as many know passwords are encrypted.

is there anyway I can de-crypt them for this login? (obviously so they're not shown, but the login can check the params)

Re: Trying to make an UCP - RedCrossER - 08.01.2013

Well you don't need to decrypt it just encrypt it, simple

Re: Trying to make an UCP - BrandyPenguin - 08.01.2013

You have to hash it like you do on server to compare them. (encrypt password input)

Re: Trying to make an UCP - [HiC]TheKiller - 08.01.2013

If you're hashing passwords with methods such as MD5, SHA1, Whirlpool etc then they cannot be decrypted as they are one way. Just hash the user input and compare it to the hash in the database and that's how you will find your solution. Encryption methods are not as good because if a person obtains your source code then every ones passwords could be stolen.

Re: Trying to make an UCP - SchurmanCQC - 08.01.2013

You probably can't program if you can't solve this simple logic problem.

1. Get raw input.
2. Hash raw input.
3. Compare hashed input with hashed password of user.

Example:
PHP код:
$rawInput $_POST["password"];
$userPass /* HASHED PASSWORD TAKEN FROM MYSQL OR FTP */;
$hashedInput hash("whirlpool"*, $rawInput);
if(strlen($rawInput) != && strlen($userPass) != 0)
{
    if(!strcmp($userPass$hashedInput))
    {
         // CODE HERE!
    }
    else
    {
        echo('Password incorrect.');
        exit;
    }
}
else
{
    echo('Server error. Password field was empty, or something else happened!');
    exit;

* See http://php.net/manual/en/function.hash.php

Re: Trying to make an UCP - A7X_CEEJAY - 08.01.2013

Aren't you disrespectful.

I knew you had to compare, I'm better with Habbo servers and PAWN rather than PHP.

But yes, thankyou.

Re: Trying to make an UCP - SchurmanCQC - 08.01.2013

Quote:
Originally Posted by A7X_CEEJAY
Посмотреть сообщение
Aren't you disrespectful.

I knew you had to compare, I'm better with Habbo servers and PAWN rather than PHP.

But yes, thankyou.
I'm not disrespectful, I was saying the truth. I even gave you a nice example. I could've been a lot worse about it.

Re: Trying to make an UCP - Flyfishes - 08.01.2013

Quote:
Originally Posted by Schurman
Посмотреть сообщение
You probably can't program if you can't solve this simple logic problem.

1. Get raw input.
2. Hash raw input.
3. Compare hashed input with hashed password of user.

Example:
PHP код:
$rawInput $_POST["password"];
$userPass /* HASHED PASSWORD TAKEN FROM MYSQL OR FTP */;
$hashedInput hash("whirlpool"*, $rawInput);
if(strlen($rawInput) != && strlen($userPass) != 0)
{
    if(!strcmp($userPass$hashedInput))
    {
         // CODE HERE!
    }
    else
    {
        echo('Password incorrect.');
        exit;
    }
}
else
{
    echo('Server error. Password field was empty, or something else happened!');
    exit;

* See http://php.net/manual/en/function.hash.php
If you don't have an encrypted connection, wouldn't it be more secure to SELECT all playeraccounts from the table with the matching username and encrypted password instead of sending the encrypted password to the client?