Password Salting!
#1

Ok, so I did a mistake while scripting my Gamemode and did not encrypt user passwords.
And I have got around 30000 users registered in my MySQL DB.
now I cant afford to make those registered users lose stats.
is there a way I can salt passwords of already registered players ?
Reply
#2

Do it manually lol

Multiple queries aren't available yet in pawn I think.

If you want a MD5 Generator, search on ****** (have one on my personal website, isn't very hard to find)
Reply
#3

Should be. Execute these queries through phpMyAdmin or another client. To generate random salts you can use something like:
PHP код:
UPDATE testtable SET salt SHA1(CONCAT(UUID_SHORT(), 'keystring')) 
Replacing keystring with a random sequence of characters of your choice. I've done this because UUID_SHORT(), while unique, is predictable.

Next, update the actual passwords.
PHP код:
UPDATE testtable SET pass SHA1(CONCAT(saltSHA1(pass))) 
You can use any combination of functions to generate the password, just make sure you remember it because you will need it in your script.

PHP код:
SELECT FROM testtable WHERE user '%s' AND pass SHA1(CONCAT(saltSHA1('%s'))) 
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)