[Zeus666]

Hi. On my UCP, when you want to log in, you need to type your password, but on my database your password is encrypted on SHA1.

How can I make a converter so they just type their password and the converter will convert it to SHA1 and login can be successful?

PHP код:

$query = mysql_query("SELECT username, password FROM users WHERE username = '$username'"); 


[yvoms]

Lets get things right,
You are encrypting passwords to your database, you wouldn't want to have raw passwords laying around.
But then you make a UCP that Decrypts your passwords and shows the raw?
Why not make them type the password > Hash it > Check the hashes if they match, and then continue?

[Zeus666]

No.

http://vestigedayz.com/ucp/testplm.php


You need to log in with your hashed password, otherwise it will not recognize.

I want to log in with my unhashed password.


I register In agme with password test, on database appears 04141b4babwaevcwav4aw4va4a



On UCP i need to log in with 04141b..... and if I log in with test it's says wrong password

[yvoms]

Thats because you are not hashing the input in the php file afaik

[Zeus666]

And how can I do it?

[itsCody]

http://php.net/manual/en/function.hash.php
^ Regarding the UCP hashing issue.

[Zeus666]

I must change

PHP код:

$query = mysql_query("SELECT username, password FROM users WHERE username = '$username'");   to 


PHP код:

$query = mysql_query("SELECT username, password FROM users WHERE username = '$username'"  AND password where password = $password(md5decripted) 


something like that but i dont know how

[itsCody]

Or, you can post some snippets of the log in script..

Like fetching of the password, inputs, login buttons.. Maybe a little more.
You aren't even hashing it properly with the function I linked above

[Zeus666]

Quote:

Originally Posted by itsCody Or, you can post some snippets of the log in script.. Like fetching of the password, inputs, login buttons.. Maybe a little more. You aren't even hashing it properly with the function I linked above

Код HTML:

public OnPlayerRegister(playerid, password[])
{
    if(IsPlayerConnected(playerid))
	{
	    new Query[450],IP[16];
	    GetPlayerIp(playerid, IP, sizeof(IP));
		strcat(Query,"INSERT INTO `users` (Username,Password,IP) VALUES ('%s', sha1('%s'),'%s')");
		format(Query,sizeof(Query),Query,PlayerName(playerid),password,IP);

PHP код:

ublic OnPlayerAccountLogin(playerid, enteredPassword[])
{
    if(IsPlayerNPC(playerid)) return 1;
    {
        if(IsPlayerConnected(playerid))
        {
            new query[350];
            format(query, sizeof(query), "SELECT * FROM `users` WHERE `Username`= '%s' AND `Password` = SHA1('%s')", PlayerName(playerid), enteredPassword); 


[itsCody]

I'm confused
SA:MP has SHA256. What's with SHA1??

https://sampwiki.blast.hk/wiki/SHA256_PassHash

And I thought you were talking about your user control panel regarding the login + hashing.