Password hashing between sa-mp and PHP
#1

Hello there. I'm currently coding a UCP for my sa-mp server where you will be able to read info from a mysql database where the character info is saved. I also made a login system where you log in with your in game characters name but now I have one problem.

I'm using the whirlpool plugin to hash my passwords in the server script but I need to find a way to unhash that password when logging in with the controlpanel which is coded in PHP.

I would appreciate the help in case anyone has got any idea how to fix this. Right now the php website is only reading the password without unhashing which works fine if I change the password for the character in the database.
Reply
#2

There's no such thing as "unhashing". The point of a hash is to be irreversible. To compare the password, run the user input through the same hashing algorithm and then compare the output to what's stored in the database.
Reply
#3

Haha true, I formulated it a bit wrong. Is there a way of using whirlpool in php though?
Reply
#4

There is no "way" to unhash. The entire principle of hashing is that it's one way only.

You will need to hash the input of the user exactly the same way when someone logs in via the control panel.

Note that PHP, by default, uses capital letters for the letters in the hash. Make sure to use toupper() to adjust for this in the script.

EDIT: Whirlpool hashing can be done in PHP by just changing the first parameter of the PHP hash() function.

PHP код:
hash('whirlpool''The quick brown fox jumped over the lazy dog.'); 
Reply
#5

Allright, I will try it out, thank you.
Reply
#6

AFAIK Php has their own hashing functions which allow you to do so.

> Hash user input.
> Retrieve hashed password from DB and compare it with user input.
Reply
#7

I got it working, didn't know that whirlpool was compatible that easily with php.

Thank you.
Reply
#8

You're welcome mate, glad to help.
Reply


Forum Jump:


Users browsing this thread: 4 Guest(s)