I need help with my UCP - Printable Version

I need help with my UCP - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: I need help with my UCP (/showthread.php?tid=631484)

I need help with my UCP - nikotragedy - 30.03.2017

I'm creating a UCP for my RP server. I can insert stuff into my DB but now I'm not sure how can I decrypt or use the hashed pw.
I've tried with md5 and SHA1 but it's not working and now I'm not sure what should I do or how to compare the inputtext with a hashed password.

Re: I need help with my UCP - X337 - 30.03.2017

You can't decrypt hashes.
Just hash the inputtext and compare them.

Re: I need help with my UCP - nikotragedy - 30.03.2017

Quote:

Originally Posted by X337

You can't decrypt hashes.
Just hash the inputtext and compare them.

That's what I don't know how to do it. And I found nothing on the SAMP wiki

I'm storing a MD5/SHA1 (pInfo[playerid][password]) into my DB, what's next?

Re: I need help with my UCP - nikotragedy - 30.03.2017

I solved almost anything but I'm having troubles now with the output of the hashed pw.

Ex.:

Original hash: b5021bbda761e7b6cde516f616a09f2e3ea5cb3dc48ccbd37a 8deeda94b56562
Hash generated on the GM: B5021BBDA761E7B6CDE516F616A09F2E3EA5CB3DC48CCBD37A 8DEEDA94B56562

As you can see, the string is the same but different so I can't compare a hash/password.

Solved!
If anyone is interested:

Код:

            new passwordLower[65];
            format(passwordLower, sizeof(passwordLower), "%s", YOURPASSWORDVARIABLE);
            for(new i, len = strlen(passwordLower); i < len; ++i)
			{
			    passwordLower[i] = tolower(passwordLower[i]);
			}


            for(new i, len = strlen(hashed_pass); i < len; ++i)
			{
			    hashed_pass[i] = tolower(hashed_pass[i]);
			}

Original hash: b5021bbda761e7b6cde516f616a09f2e3ea5cb3dc48ccbd37a 8deeda94b56562
Generated hash: b5021bbda761e7b6cde516f616a09f2e3ea5cb3dc48ccbd37a 8deeda94b56562

Re: I need help with my UCP - BR3TT - 30.03.2017

http://php.net/manual/en/function.password-verify.php

Have you tried using password_verify? Verifies a password with a hash.

Re: I need help with my UCP - DobbysGamertag - 30.03.2017

Don't use SHA1. Its unsecure. See here

Consider using SHA256, or some other variation (Whirlpool).

pawn Код:

mysql_format(connectionHandle, query, sizeof(query), "INSERT INTO `users` (`username`,`password`) VALUES('%e',SHA2('%e',256))", Name, inputtext); //SHA256. You could even use SA:MP's version. I haven't speed-tested it though, so unsure of the speed differences.

For whirlpool see this. To hash the user input on the website,

PHP код:



$password = hash('whirlpool', $data_to_be_hashed);