Hashing passwords?
#1

'Sup y'all?

I got a simple question: What means exactly "hashing a password"? ****** told me, that I should do this with my saving-system. And, I am using SII! So here for example is my "OnDialog-bla", so what's the way to hash passwords and what is the destination of it?

PHP код:
  public OnDialogResponse(playeriddialogidresponselistiteminputtext[]) {
        switch(
dialogid)
        {
            case 
DIALOG_REGISTER:
            {
                if(!
response)
                    return 
Kick(playerid);
                if(
response)
                {
                    if(!
strlen(inputtext))
                        return 
ShowPlayerDialog(playeridDIALOG_REGISTERDIALOG_STYLE_INPUT""WHITE"Registering...",""RED"You have entered an invalid password.\n"WHITE"Type your password below to register a new account.","Register","Quit");
                    if(
INI_Open(getINI(playerid)))
                    {
                        
INI_WriteString("Password",inputtext);
                        
INI_WriteInt("Cash"0);
                        
INI_WriteInt("Admin"0);
                        
INI_WriteInt("FirstTime"0);
                        
INI_WriteInt("Skin"0);
                        
INI_WriteInt("Score"0);
                        
INI_WriteInt("Kills"0);
                        
INI_WriteInt("Deaths"0);
                        
INI_Save();
                        
INI_Close();
                        
ShowPlayerDialog(playeridDIALOG_LOGINDIALOG_STYLE_INPUT,""WHITE"Login",""WHITE"Type your password below to login.","Login","Quit");
                    }
                }
            } case 
DIALOG_LOGIN:
              {
                if(!
response)
                    return 
Kick playerid );
                if(
response)
                {
                    if(!
strlen(inputtext))
                        return 
ShowPlayerDialog(playeridDIALOG_LOGINDIALOG_STYLE_INPUT""WHITE"Login",""RED"You have entered an invalid password.\n"WHITE"Type your password below to login.","Login","Quit");
                    if(
INI_Open(getINI(playerid)))
                    {
                        
INI_ReadString(PlayerInfo[playerid][pPass],"Password",20);
                        if(
strcmp(inputtext,PlayerInfo[playerid][pPass],false)) {
               
                            
ShowPlayerDialog(playeridDIALOG_LOGINDIALOG_STYLE_INPUT""WHITE"Login",""RED"You have entered an incorrect password.\n"WHITE"Type your password below to login.","Login","Quit");
                            
TimesAttempted[playerid] += 1;
                            if(
TimesAttempted[playerid] == 1SendClientMessage(playerid,COLOR_RED,"Wrong password, 2 login-attempts left!");
                            else if(
TimesAttempted[playerid] == 2SendClientMessage(playerid,COLOR_RED,"Wrong password, 1 login-attempt left!");
                            else if(
TimesAttempted[playerid] == 3){
                            new 
tname[MAX_PLAYER_NAME], rstring[128];
                            
GetPlayerName(playeridtnamesizeof(tname));
                            
format(rstring,sizeof(rstring),"SYSTEM: Player %s has been automatically kicked by the server (Exceeding login-attempts)!",tname);
                            
SendClientMessageToAll(COLOR_RED,rstring);
                             
Kick(playerid);
                             }
                        }
                        else  {
                        
SendClientMessage(playerid,BRIGHT_GREEN,"You have successfully logged in! Welcome back, homie!");
                        
PlayerPlaySound(playerid,1057,0.0,0.0,0.0);
                        }
                        
                        
GivePlayerMoneyplayeridINI_ReadInt"Cash" ) );
                        
PlayerInfo[playerid][pAdmin] = INI_ReadInt("Admin");
                        
PlayerInfo[playerid][pKills] = INI_ReadInt("Kills");
                        
PlayerInfo[playerid][pDeaths] = INI_ReadInt("Deaths");
                        
gFirstTimeHasJoined[playerid] = INI_ReadInt("FirstTime");
                        
gPlayerSkinForEver[playerid] = INI_ReadInt("Skin");
                        
SetPlayerScoreplayeridINI_ReadInt"Score" ) );
                        
INI_Close();
                    }
                }
            }
        }
        return 
1;
    } 
Reply
#2

Hashing passwords is simply done for the sake of the users' privacy. If the database gets hacked or someone retrieves your userfiles, then they can read all passwords in plain text. And as most people use the same passwords for different websites, this can be disastrous. I also wouldn't trust a server owner if I knew the passwords were stored in plain text.

There are multiple functions to hash passwords, with the better ones being sha2, whirlpool, sha1 and md5.
Reply
#3

serached ******
as far as i understand, hashing means converting characters into a code.
you can use many hashing functions. like whirpool(******), udb_hash(dracoblue). search them
Reply
#4

Quote:
Originally Posted by KingJ
Посмотреть сообщение
A password hash is a non-reversible function which takes a plain-text input and produces a hashed output. This is used to safely store user passwords - if your user database was ever leaked it would mean that no one would be able to view the plain-text passwords. Equally, it means that you can also not view user passwords, which is also a good thing.
A few plugins;
https://sampforum.blast.hk/showthread.php?tid=65290
https://sampforum.blast.hk/showthread.php?tid=188734
https://sampforum.blast.hk/showthread.php?tid=237943

EDIT: Vince was faster.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)