PDA

View Full Version : MySQL password hash


Kraeror
18/05/2018, 12:26 PM
Hello guys, I'm using the last version of MySQL (R41-4). I want to hash the password with the same hash of php language. How can the server write in the table and how can the server read it? Can you give me an example?

Logic_
18/05/2018, 12:27 PM
In PHP, just use the function to make your password hash in upper-case.

SA-MP has SHA2(56) which PHP has too, you can use that.

Kraeror
18/05/2018, 01:53 PM
I know about that but are they compatible? And what is the function which I have to use for reading it from the table (I know the uploading code, but not for reading)!

Kraeror
18/05/2018, 02:34 PM
ANY HELP PLEASE !!!

kovac
18/05/2018, 03:12 PM
I would suggest you to use Whirlpool hash.

In PHP you can use the following:
hash("whirlpool", $string);

Tutorial for in game:
http://forum.sa-mp.com/showthread.php?t=570945

Kraeror
18/05/2018, 03:26 PM
I would suggest you to use Whirlpool hash.

In PHP you can use the following:
hash("whirlpool", $string);

Tutorial for in game:
http://forum.sa-mp.com/showthread.php?t=570945

Thank you but can you tell me how to dehash the hash, because I need it for user system (for checking if the password you wrote is correct I have to dehash it)!

CodeStyle175
18/05/2018, 03:38 PM
hash point is to be un reversable, you dont have to see others passwords, to steal their fb account

kovac
18/05/2018, 03:39 PM
hash point is to be un reversable, you dont have to see others passwords, to steal their fb account

I don't think he meant it that way.

You can't and don't need to dehash it, only compare

case DIALOG_LOGIN:
{
if(response)
{
new query[500], HashedPW[130];
WP_Hash(HashedPW, sizeof(HashedPW), inputtext);
mysql_format(Database, query, sizeof(query), "SELECT * FROM userdata WHERE User='%e' AND Password='%e'", GetName(playerid), HashedPW);
mysql_tquery(Database, query, "OnUserLogin", "d", playerid);
}
else
Kick(playerid);
return 1;
}
case DIALOG_REGISTER:
{
if(response)
{
new query[500], HashedPW[130], GPCI[128];
gpci(playerid, GPCI, sizeof(GPCI));
WP_Hash(HashedPW, sizeof(HashedPW), inputtext);
mysql_format(Database, query, sizeof(query), "INSERT INTO `userdata` (`User`,`Password`,`RegisterIP`, `CreatedOn`, `GPCI`) VALUES ('%e', '%e', '%e', NOW(), '%e')", GetName(playerid), HashedPW, Player_IP[playerid], GPCI);
mysql_tquery(Database, query, "OnUserRegister", "d", playerid);
}
else
Kick(playerid);
return 1;
}

Kraeror
18/05/2018, 03:41 PM
hash point is to be un reversable, you dont have to see others passwords, to steal their fb account

I don't need to see their password... I need to check it for login...

CodeStyle175
18/05/2018, 03:42 PM
you just hash their password and compare hashes.

Kraeror
18/05/2018, 03:51 PM
I don't think he meant it that way.

You can't and don't need to dehash it, only compare

case DIALOG_LOGIN:
{
if(response)
{
new query[500], HashedPW[130];
WP_Hash(HashedPW, sizeof(HashedPW), inputtext);
mysql_format(Database, query, sizeof(query), "SELECT * FROM userdata WHERE User='%e' AND Password='%e'", GetName(playerid), HashedPW);
mysql_tquery(Database, query, "OnUserLogin", "d", playerid);
}
else
Kick(playerid);
return 1;
}
case DIALOG_REGISTER:
{
if(response)
{
new query[500], HashedPW[130], GPCI[128];
gpci(playerid, GPCI, sizeof(GPCI));
WP_Hash(HashedPW, sizeof(HashedPW), inputtext);
mysql_format(Database, query, sizeof(query), "INSERT INTO `userdata` (`User`,`Password`,`RegisterIP`, `CreatedOn`, `GPCI`) VALUES ('%e', '%e', '%e', NOW(), '%e')", GetName(playerid), HashedPW, Player_IP[playerid], GPCI);
mysql_tquery(Database, query, "OnUserRegister", "d", playerid);
}
else
Kick(playerid);
return 1;
}
Thanks a lot I will try +REP!!!