[Fratello]

Hey gang!

Recently I took a look at this forum post: https://sampforum.blast.hk/showthread.php?tid=290824 and successfully made UCP. But I'm facing a problem with BlueG's MySQL Password Hash. I can't type normal password such as 'password' instead of that I need to copy the randomly hashed password to log-in into the control panel.

I was wondering if there is a way to add that 'decryption' to PHP so they can use the same system. Or in the worst case to remove SHA256 encoding from script which isn't really the best option although server will be only for trainings and testings.

[Runn3R]

You don't decrypt passwords you hash the input and compare it to the other hash to check if they are the same, SHA256 is old and you should really use bCrypt or whirlpool with salt atleast.

[Paulice]

A hash is one way, it is not an encryption; thus, it cannot be decrypted.

Hash the password the user submits and compare it to the hash in the database.

Get the hash in PHP (example):

PHP код:

hash("sha256", $_POST['password']);