21.11.2017, 17:12
My password in my gamemode is getting hashed with this:
Login script in gamemode:
In my PHP script for login form:
In database variables:
password: 6C023B04CCD3198A61706E781E9B4C1FEAF4BB30AEA9019153 B43735731478B9
salt: ;6^au^kzy4
what should be real password unhashed: lozinka
PHP код:
// Salting the player's password using SHA256 for a better security.
for (new i = 0; i < 10; i++){PlayerInfo[playerid][pSalt][i] = random(79) + 47;}
PlayerInfo[playerid][pSalt][10] = 0;
SHA256_PassHash(inputtext, PlayerInfo[playerid][pSalt], PlayerInfo[playerid][pPassword], 65);
PHP код:
new Salted_Key[65];
SHA256_PassHash(inputtext, PlayerInfo[playerid][pSalt], Salted_Key, 65);
if(strcmp(Salted_Key, PlayerInfo[playerid][pPassword]) == 0)
{
... loading variables from database
PHP код:
if(isset($_POST['Name']) && isset($_POST['Password']))
{
if(!isset($_SESSION['Name']))
{
$query = $con->prepare("SELECT `AdminLevel`, `Name`, `ID` from `players` where `Name` = ? and `Password` = ?");
$query->execute(array($_POST['Name'], strtoupper(hash("whirlpool", $_POST['Password']))));
if($query->rowCount() > 0)
{
$data = $query->fetch();
$_SESSION['Name'] = $data['Name'];
$_SESSION['AdminLevel'] = $data['AdminLevel'];
$_SESSION['ID'] = $data['ID'];
echo '<META HTTP-EQUIV="Refresh" Content="0; URL=index.php">';
exit;
}
else
{
$err = 'Wrong username or password.';
}
}
}
password: 6C023B04CCD3198A61706E781E9B4C1FEAF4BB30AEA9019153 B43735731478B9
salt: ;6^au^kzy4
what should be real password unhashed: lozinka
