sha1 -> whirlpool - Printable Version
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: sha1 -> whirlpool (/showthread.php?tid=632964)
+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Scripting and Plugins (https://sampforum.blast.hk/forumdisplay.php?fid=8)
+--- Forum: Scripting Help (https://sampforum.blast.hk/forumdisplay.php?fid=12)
+--- Thread: sha1 -> whirlpool (/showthread.php?tid=632964)
sha1 -> whirlpool - iKevin - 22.04.2017
is there a way to convert all of the passwords in the database from sha1 to whirlpool not going them 1by1 because there are 1,100,000 users registered
please tell me how if possible
Re: sha1 -> whirlpool - iKevin - 22.04.2017
basically the passwords in the mysql database are hashed with sha1 and i'm trying to make an ucp but i don't know how to load the account with sha1 hashed password... can anyone help?
PHP код:
<?php
if(!defined('AWM'))
die('Nope.');
if(Config::isLogged()) header('Location: ' . Config::$_PAGE_URL . 'profile');
if(isset($_POST['login_submit'])) {
if(!$_POST['login_username'] || !$_POST['login_password']) {
echo '<font color="red"><b>Complete all fields.</b></font>';
} else {
$q = Config::$g_con->prepare('SELECT `reg_id` FROM `players` WHERE `name` = ? AND `pass` = ?');
$q->execute(array($_POST['login_username'], strtoupper(hash('whirlpool',$_POST['login_password']))));
if($q->rowCount()) {
$row = $q->fetch(PDO::FETCH_OBJ);
$_SESSION['awm_user'] = $row->playerID;
echo '<font color="green"><b>You have successfully logged in. You will be redirected in <b>3</b> seconds.</b></font><br><br>';
echo '<meta http-equiv="refresh" content="3;URL=\''.Config::$_PAGE_URL.'profile\'/>';
}
else echo '<font color="red"><b>Invalid username or password.</b></font>';
}
}
?>
<link href="http://redpanel.bugged.ro/css/font-awesome.min.css" media="all" type="text/css" rel="stylesheet">
<br><br>
<form action="" method="post" >
<input type="text" placeholder="Username" id="login_username" name="login_username" /> <br>
<input type="password" placeholder="Password" id="login_password" name="login_password" /> <br>
<input type="submit" value="Login" id="login_submit" name="login_submit">
</form>
PHP код:
$q->execute(array($_POST['login_username'], strtoupper(hash('whirlpool',$_POST['login_password']))));
Re: sha1 -> whirlpool - Vince - 22.04.2017
I don't know how you would do that without first knowing the original password because it is impossible to reverse a hash (brute force/rainbow tables excluded). You can only do the conversion once a player successfully logs in and you'd need to have a transition period where you have two columns in your database: one with the original hash and one with the new hash and you've have to write some extra code that actually does the conversion. Depending on how often your users log in that transition period might span multiple week or months. You can also change the algorithm right now but then all passwords will become useless instantly and no-one will be able to log in. So if you fancy sending a password reset link to a million users you can also try that.
Re: sha1 -> whirlpool - iKevin - 22.04.2017
Quote:
|
Originally Posted by Vince
 I don't know how you would do that without first knowing the original password because it is impossible to reverse a hash (brute force/rainbow tables excluded). You can only do the conversion once a player successfully logs in and you'd need to have a transition period where you have two columns in your database: one with the original hash and one with the new hash and you've have to write some extra code that actually does the conversion. Depending on how often your users log in that transition period might span multiple week or months. You can also change the algorithm right now but then all passwords will become useless instantly and no-one will be able to log in. So if you fancy sending a password reset link to a million users you can also try that.
|
Код:
This page isn’t working *********.com is currently unable to handle this request. HTTP ERROR 500
PHP код:
<?php
include 'includes/config.php';
include 'includes/header.php';
checkForLogin();
if(!isset($_GET['id']))
{
echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../pages/index.php">';
exit;
}
$charaID = $_GET['id'];
$sesuID = $_SESSION['uID'];
$query = $con->prepare("SELECT * from players where reg_id = '$charaID'");
$query->execute();
$gData = $query->fetch();
if($gData['reg_id'] != $sesuID)
{
echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../pages/index.php">';
exit;
}
?>
<div class="row">
<div class="col-md-12">
<h1 class="page-header">
<?php echo $gData['name']; ?>
</h1>
</div>
</div>
<div class="row">
<div class="col-lg-2">
<img src="../skins/Skin_<?php echo $gData['saveskin']; ?>.png" style="height:300px;">
</div>
<div class="col-lg-8">
<div class="panel panel-default">
<div class="panel-body">
<div class="row">
<div class="col-lg-6">
Status: <?php if($gData['active'] == 1)
{
echo '<span style="color:#00FF00";>ONLINE</span>'
}
else
{
echo '<span style="color:#FF0000";>OFFLINE</span>'
} ?>
<hr />
Playing Time: <?php echo($gData['hours']); ?> Hours, <?php echo($gData['minutes']); ?> Minutes and <?php echo($gData['seconds']); ?> Seconds
<hr />
Premium: <?php if($gData['premium'] == 1)
{
echo '<span style="color:#00FF00";>PREMIUM</span>'
}
else if($gData['premium'] == 2)
{
echo '<span style="color:#00FF00";>PREMIUM 2</span>'
}
else if($gData['premium'] == 3)
{
echo '<span style="color:#00FF00";>VIP</span>'
}
else if($gData['premium'] == 0)
{
echo '<span style="color:#FF0000";>NO</span>'
} ?>
<hr />
Helper: <?php if($gData['helper'] == 1)
{
echo '<span style="color:#00FF00";>HELPER</span>'
}
else if($gData['helper'] == 2)
{
echo '<span style="color:#00FF00";>MAPPER</span>'
}
else if($gData['helper'] == 3)
{
echo '<span style="color:#00FF00";>DEVELOPER</span>'
}
else if($gData['helper'] == 0)
{
echo '<span style="color:#FF0000";>NO</span>'
} ?>
<hr />
Admin: <?php if($gData['adminlevel'] == 1)
{
echo '<span style="color:#00FF00";>MODERATOR</span>'
}
else if($gData['adminlevel'] == 2)
{
echo '<span style="color:#00FF00";>ADMIN</span>'
}
else if($gData['adminlevel'] == 3)
{
echo '<span style="color:#00FF00";>SENIOR ADMIN</span>'
}
else if($gData['adminlevel'] == 4)
{
echo '<span style="color:#00FF00";>HEAD ADMIN</span>'
}
else if($gData['adminlevel'] == 5)
{
echo '<span style="color:#00FF00";>SERVER OWNER</span>'
}
else if($gData['adminlevel'] == 0)
{
echo '<span style="color:#FF0000";>NO</span>'
} ?>
<hr />
Score: <?php echo number_format($gData['score']); ?>
<hr />
Cookies: <?php echo number_format($gData['cookies']); ?>
<hr />
Money: $<?php echo number_format($gData['money']); ?>
<hr />
Bank Money: $<?php echo number_format($gData['bmoney']); ?>
<hr />
Total Money: $<?php echo number_format($gData['money'] + $gData['bmoney']); ?>
<hr />
Group ID: <?php echo number_format($gData['group_id']); ?>
<hr />
Group Rank: <?php echo number_format($gData['group_rank']); ?>
<hr />
Member since: <?php echo $gData['reg_time']); ?>
<hr />
Last login: <?php echo $gData['last_time']); ?>
<hr />
Kills: <?php echo number_format($gData['kills']); ?>
<hr />
Deaths: <?php echo number_format($gData['deaths']); ?>
<hr />
Kill/Death Ratio: <?php echo number_format($gData['kills'] / $gData['kills']); ?>
<hr />
House ID: <?php echo number_format($gData['house_id']); ?>
<hr />
</div>
</div>
</div>
</div>
</div>
</div>
<?php
include 'includes/footer.php';
?>