Whirlpool And Php Login Form
#1

Hey guys, I'm making a ucp and i have the sessions set up and etc, my question is how do i use whirlpool in my php login form. I've have looked at tutorials but all i have seen listed is md5 and sha1.
Код:
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

mysql_select_db($database_local, $local);
$query_Recordset1 = "SELECT * FROM playeraccounts";
$Recordset1 = mysql_query($query_Recordset1, $local) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = "-1";
if (isset($_SESSION['playerName'])) {
  $totalRows_Recordset1 = $_SESSION['playerName'];
}
$colname_Recordset1 = "-1";
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['playeraccount'])) {
  $loginUsername=$_POST['playeraccount'];
  $password=$_POST['Password'];
  $MM_fldUserAuthorization = "playerAdminLevel";
  $MM_redirectLoginSuccess = "ucp/index.php";
  $MM_redirectLoginFailed = "index.html";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_local, $local);
  	
  $LoginRS__query=sprintf("SELECT playerName, playerPassword, playerAdminLevel FROM playeraccounts WHERE playerName=%s AND playerPassword=%s",
  GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $local) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    
    $loginStrGroup  = mysql_result($LoginRS,0,'playerAdminLevel');
    
	if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!-- Mirrored from www.zasprexstudios.com/projects/vanity2/construction.php by HTTrack Website Copier/3.x [XR&CO'2010], Sun, 25 Mar 2012 18:47:11 GMT -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Vanity Roleplay • User Control Panel</title>
<link href="style.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div align="center">
<div align="center">

	<div style="background:url(images/header/header_tile.png); height:186px;">
        <div class="header" align="center" style="width:960px;">
            <div id="header_bg">
            
              					<ul class="navmenu">
                    <li><div id="nav_logo"></div>
                    <li><div id="nav"><a href="index.html">Home</a></div></li>
                    <li><div id="nav"><a href="http://vrp-gta.us/forum">Forum</a></div></li>
                    <li><div id="nav"><a href="construction.html">UserCP</a></div></li>
                    <li><div id="nav"><a href="features.html">Features</a></div></li>
                    <li><div id="nav"><a href="gallery.html">Gallery</a></div></li>
                    <li><div id="nav"><a href="index.html">Other</a></div></li>
                    <li><div id="nav_contactus"><a href="contactus.html">Contact Us</a></div></li>
                  </ul>            </div> 
      </div>    
  </div>
  
</div><div style="width:930px">
  		<div align="left"></div>
        <div align="left" style="margin-top:-350px; margin-left:430px"><div style="font-size:56px; letter-spacing:-1px; text-shadow:0px 1px 0px #FFF"><strong>UCP</strong></div>
        <div align="left"><div style="font-size:36px; letter-spacing:-1px; text-shadow:0px 1px 0px #FFF"><strong>UNDER <font color="#e59d11">CONSTRUCTION</font></strong></div>
        </div>
        
        </div>  			
</div>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<form id="form1" name="form1" method="POST" action="<?php echo $loginFormAction; ?>">
  <p>&nbsp;</p>
  <p>&nbsp;</p>
  <p>&nbsp;</p>
  <p>&nbsp;</p>
  <p>&nbsp;</p>
  <p>&nbsp;</p>
  <p>&nbsp;</p>
  <p><?php $_SESSION['<?php $_POST[<?php $_POST[MM_Username]; ?>]; ?>']; ?>&nbsp;</p>
  <p>
    <label for="playeraccount">In Game Name:</label>
    <input name="playeraccount" type="text" id="playeraccount" value="Username" />
  </p>
  <p>
    <label for="Password">Password:</label>
    <input type="password" name="Password" id="Password" hash('whirlpool', $Password) . "'"/>
  </p>
  <p>
    <input type="submit" name="Submit" id="Submit" value="Submit" />
    <br />
    <br />
  </p>
</form>
<?php echo $row_Recordset1['']; ?>
This is what i have.
Reply
#2

Use the built in hash function:

hash('whirlpool', 'the string to hash');

If you know how to use other encryption methods, I don't see what the big problem is.
Reply
#3

Why you guys make alot of php script for a thing that will never(or almost never) get used?
Why do you need to make that work, when you can use less code for the same?
Reply
#4

If you want to use PHP functions, you actually need to use start ('<?php') and end tags ('?>') for PHP while using the functions. If you look at your code, half of it doesn't even make sense. Read this if you really want to fix your code.

Judging by how frequently you post in the Vortex Roleplay 2 thread, you probably use the script. Why don't you just use the UCP too? https://subversion.assembla.com/svn/...elease/UCP.zip
Reply
#5

Or he can check this code: http://pastebin.com/Qg0EPakJ
Wich i've done for TheArcher with whirpool hash.
Reply
#6

I've made an entire UCP for the script, I'm offering him it to save him some time, rather than just creating a functional login form...
Reply
#7

What i have now
Код:
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['UserName'])) {
  $loginUsername=$_POST['UserName'];
  $password= hash('whirlpool', $_POST['password']);
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "../index.html";
  $MM_redirectLoginFailed = "../images/gallery/background.jpg";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_local, $local);
  
  $LoginRS__query=sprintf("SELECT playerName, playerPassword FROM playeraccounts WHERE playerName=%s AND playerPassword=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $local) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
	if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)