|
|
Joined: Sep 2001
Posts: 129
Member
|
Member
Joined: Sep 2001
Posts: 129 |
I want to integrate an external package into my threads but I need for it to use the threads passwords how do I get a plain password out of the md5 hash ?
Regards Clint
Running on WIN2003 Web Server.
Paranoid people get followed too!
|
|
|
|
Joined: Aug 2002
Posts: 1,191
Kahuna
|
Kahuna
Joined: Aug 2002
Posts: 1,191 |
Hi Clint
The MD5 algorithm is a hash algorithm and its purpose is to encode but not decode. So once you convert a word with MD5 there is no way to get the original text back.
The way threads does it is to get the text that the user enters and hash it with MD5. Then it compares that value with the one in the database.
This is what you can do with the external package yourself. Get the user to type in a password Convert that password with MD5 Open a connection to your threads database Get the user's stored password and compare it with the one you have already stored.
Warm regards
Nikos
Nikos
|
|
|
|
Joined: Sep 2001
Posts: 129
Member
|
Member
Joined: Sep 2001
Posts: 129 |
Thanks for the reply, you don't have a code snippet I can look at do you ?
Regards Clint
Running on WIN2003 Web Server.
Paranoid people get followed too!
|
|
|
|
Joined: Aug 2002
Posts: 1,191
Kahuna
|
Kahuna
Joined: Aug 2002
Posts: 1,191 |
You can use something like this: <br /> // Require the main library<br /> require ("main.inc.php");<br /> <br /> $oHTML = new html;<br /> $oUser = new user;<br /> $arrUser = array();<br /> <br /> $strPassword = "";<br /> <br /> // Get the user info<br /> $arrUser = $oUser -> authenticate('U_Password');<br /> $strUsername = $arrUser['U_Username'];<br /> $strPassword = $arrUser['U_Password'];<br /> <br /> if (!$arrUser['U_Username']) <br /> {<br /> $oHTML -> not_right ($ubbt_lang['NO_AUTH'], $Cat);<br /> }<br /> <br /> <br /> //-----------------------------------------------------------------------<br /> //-----------------------------------------------------------------------<br /> <br /> // If you need to authenticate someone on this script using a passed username<br /> // and password<br /> $strQuery = "<br /> SELECT U_Password<br /> FROM {$config['tbprefix']}Users<br /> WHERE U_Username = '$InUsername'<br /> ";<br /> <br /> $sth = $dbh -> do_query( $strQuery );<br /> list( $strPassword );<br /> $dbh -> finish_sth($sth);<br /> <br /> // strPassword has the database pasword hashed<br /> // InPassword is the passed variable in the script from the input box<br /> if ( $strPassword = md5( $InPassword ) )<br /> {<br /> // Blah blah they don't match<br /> }<br /><br /> which will get a password using a passed parameter ($InPassword). By including the main.inc.php you ensure that you have access to the classes of ubbthreads. Also the authenticate method of the user class will authenticate the user (if he/she is logged in the forum) so you might not even need to do the next step. In the second section I have a query that is run against the database and checks the passwords. I hope this helps Warm regards Nikos
Nikos
|
|
|
Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.
Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.
|
|
Posts: 254
Joined: January 2000
|
|
Forums63
Topics37,573
Posts293,925
Members13,849
|
Most Online5,166 Sep 15th, 2019
|
|
Currently Online
Topics Created
Posts Made
Users Online
Birthdays
|
|
|
|
|