How to type player's hash password in a string? (+REP)
#1

if i'll make the command like this it'd just show the hash password which would be like SDG363GSD23AF9SG7BA256VBDSS263G8D9FX21J9, how can i show the real password?

PHP код:
CMD:checkpw(playerid,params[])
{
    new 
String[128];
    
format(String,sizeof(String),"Your password is: %s",DB[playerid][Password]);
    
SendClientMessage(playerid,-1,String);
    return 
1;

Reply
#2

Don't do this. It's an utmost security risk. Rather have players set new passwords. Always keep them encrypted at all times.
Reply
#3

Why would you even do that??
Reply
#4

Quote:
Originally Posted by introzen
Посмотреть сообщение
Don't do this. It's an utmost security risk. Rather have players set new passwords. Always keep them encrypted at all times.
Hmm alright I see

Quote:
Originally Posted by Micko123
Посмотреть сообщение
Why would you even do that??
Well I wanted to make a command for an admin to watch the players passwords etcetra.
anyway is that possible to do it? so maybe i can search for other players passwords in another gamemode which will be hosted on my pc instead of the host.

another question: is that possible to do the same with integers? i'd like to make some premium points that people buy for irl cash
Reply
#5

It would be stupid to allow admins to watch players private passwords. I'm not going to help you with that. Sorry.

On the integer part however, you would have to use a private encryption key which you then use to decrypt the code.
Reply
#6

Quote:
Originally Posted by SAMP Services Agreement
(f) You may not violate the privacy of a player, service provider or server operator
by means of exposing passwords or identities without consent.
Don't even make that, if a player looses his password, make him set a new one, don't expose peoples passwords.
Reply
#7

If you do that and if you put wrong person on admin position he can see password of the players. And maybe they are using same passwords for different servers and then you have a problem .
Reply
#8

For the reminder: It's even illegal to check people their private password.
Reply
#9

Quote:
Originally Posted by introzen
Посмотреть сообщение
It would be stupid to allow admins to watch players private passwords. I'm not going to help you with that. Sorry.

On the integer part however, you would have to use a private encryption key which you then use to decrypt the code.

Quote:
Originally Posted by CalvinC
Посмотреть сообщение
Don't even make that, if a player looses his password, make him set a new one, don't expose peoples passwords.

Quote:
Originally Posted by Micko123
Посмотреть сообщение
If you do that and if you put wrong person on admin position he can see password of the players. And maybe they are using same passwords for different servers and then you have a problem .
Okay first of all I didn't want to give this authority to any admin I wanted to make a hidden command for myself which will be for admin level 7+ which is owner on my server. I wanted to make such a thing so I'll be able to access into any account that I want. ye I know that I can make a command to bypass the login dialog or something like that but that's easier to know the account password

Quote:
Originally Posted by saffierr
Посмотреть сообщение
For the reminder: It's even illegal to check people their private password.
private? that's my server if they login into my server I'm allowed to check anything. that's my right as a server owner. what i'm not allowed is to try to use those passwords on another things such as ******** and other servers. I'm not gonna do that.
Reply
#10

A hash is a one-way encryption. Once a string is hashed theres basically no way to turn it back into the original.

Quote:
Originally Posted by saffierr
Посмотреть сообщение
For the reminder: It's even illegal to check people their private password.
Not directly illegal, but against the samp server service agreement.
Quote:

(f) You may not violate the privacy of a player, service provider or server operator
by means of exposing passwords or identities without consent.


Quote:
Originally Posted by Lirbo
Посмотреть сообщение
Okay first of all I didn't want to give this authority to any admin I wanted to make a hidden command for myself which will be for admin level 7+ which is owner on my server. I wanted to make such a thing so I'll be able to access into any account that I want. ye I know that I can make a command to bypass the login dialog or something like that but that's easier to know the account password
Theres absolutely no reason why you would need to do that. If you need to do something in their accounts, do it via admin commands or directly in the files/database. But logging into their accounts? Breaking the users privacy just for fun, or because youre unable to solve problems the normal way? Nope.
Admins logging into my account would be a definite reason for me to never visit a server again.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)