SA-MP Forums

Go Back   SA-MP Forums > SA-MP Scripting and Plugins > Plugin Development

Reply
 
Thread Tools Display Modes
Old 21/11/2014, 04:49 AM   #31
Kaperstone
Banned
 
Join Date: May 2011
Location: Russia
Posts: 3,004
Reputation: 824
Default Re: Bcrypt

Quote:
Originally Posted by Johnson_boy View Post
Are you using bcrypt-samp-v2.2.2-debian_7.tar.gz from the Releases page on GitHub?
Yes. (just not compressed tar)

bcrypt-samp.so -> plugins
bcrypt.inc -> includes
Kaperstone is offline   Reply With Quote
Old 25/11/2014, 06:21 PM   #32
Maxime_Creteur
Little Clucker
 
Join Date: Dec 2011
Posts: 17
Reputation: 9
Default Re : Bcrypt

Hello,
You have define password_hash for PHP but not connecting to panel for password bcrypt?
Maxime_Creteur is offline   Reply With Quote
Old 28/11/2014, 06:48 PM   #33
Nealll
Little Clucker
 
Join Date: Jun 2014
Posts: 4
Reputation: 0
Default Re : Bcrypt

Hello,
I am currently developing a panel samp and I use this plugin but I have trouble with the transition pawn - php ( password_verify (), password_hash ()).
A little help please , thank you

(sorry for my english , I'm french x))
Nealll is offline   Reply With Quote
Old 28/11/2014, 08:35 PM   #34
Johnson_boy
Huge Clucker
 
Join Date: Mar 2011
Location: Finland
Posts: 215
Reputation: 80
Default Re: Re : Bcrypt

Quote:
Originally Posted by Nealll View Post
Hello,
I am currently developing a panel samp and I use this plugin but I have trouble with the transition pawn - php ( password_verify (), password_hash ()).
A little help please , thank you

(sorry for my english , I'm french x))
Simply fetch the password hash from the database and use password_verify($password , $hash) to check if the password given by the user matches the hash fetched from the database.
Johnson_boy is offline   Reply With Quote
Old 29/11/2014, 06:40 AM   #35
Nealll
Little Clucker
 
Join Date: Jun 2014
Posts: 4
Reputation: 0
Default Re : Bcrypt

I have given the hash password and compare it to that of the database?
Thank
Nealll is offline   Reply With Quote
Old 01/12/2014, 01:33 PM   #36
Kaperstone
Banned
 
Join Date: May 2011
Location: Russia
Posts: 3,004
Reputation: 824
Default Re: Bcrypt

Quote:
[13:01:48] plugin.bcrypt v2.2.3 was loaded.
[13:01:48] plugin.bcrypt: 5 cores detected, 4 threads will be used.
[13:01:48] Loaded.
[13:01:49] plugin.bcrypt: A new revision is available:
[13:01:49] plugin.bcrypt: Current version: 2.2.2
[13:01:49] plugin.bcrypt: Latest version: 2.2.3
[13:01:49] plugin.bcrypt: Download: http://api.ls-rcr.com/bcrypt/?upgrade
[13:01:49] plugin.bcrypt: Upgrading is recommended.
Downloaded v2.2.3 and updated the files.
it continues to say that there is a new version although it say above that it loaded version 2.2.3
Quote:
Originally Posted by Nealll View Post
I have given the hash password and compare it to that of the database?
Thank
Yes with password_verify($input, $hashed_password_from_db);
Kaperstone is offline   Reply With Quote
Old 01/12/2014, 03:49 PM   #37
Nealll
Little Clucker
 
Join Date: Jun 2014
Posts: 4
Reputation: 0
Default Re : Bcrypt

It's impossible because even if you enter exactly the same caracrtere chain, bcrypt hash of another ways ...

Show me a code example ^^
Nealll is offline   Reply With Quote
Old 01/12/2014, 11:49 PM   #38
Johnson_boy
Huge Clucker
 
Join Date: Mar 2011
Location: Finland
Posts: 215
Reputation: 80
Default Re: Bcrypt

Quote:
Originally Posted by xkirill View Post
Downloaded v2.2.3 and updated the files.
it continues to say that there is a new version although it say above that it loaded version 2.2.3

Yes with password_verify($input, $hashed_password_from_db);
Did you remember to update bcrypt.inc and recompile the script? It seems to work fine for me

Quote:
Originally Posted by Nealll View Post
It's impossible because even if you enter exactly the same caracrtere chain, bcrypt hash of another ways ...

Show me a code example ^^
This is the basic idea:
PHP Code:
<?php
$password 
'Hello World!';
$hash '$2y$12$D62QnfKU1bYMTode2W7UVeMb7maqY.Y7TCdWgQzj44HuOBK47Ej1Wl';

if(
password_verify($password$hash))
{
    
// Match
}
else
{
    
// No match
}
And something like this might resemble the actual use case:

PHP Code:
<?php
/**
 * Attempt to login using the given username and password. (simple example)
 * @param  string $username The username given by the user
 * @param  string $password The password given give the user
 * @return boolean            True if the login was successful, otherwise false
 */
public function login($username$password)
{
    
$success false;

    
$get_password_q "SELECT `id`, `password` FROM `users` WHERE `username` = ?";

    if(
$stmt $db->prepare($get_password_q))
    {
        
$stmt->bind_param("s"$username);
        
$stmt->execute();
        
$stmt->store_result();
        
$stmt->bind_result($id$hash);

        if(
$stmt->num_rows)
        {
            if(
password_verify($password$hash))
            {
                
// Correct password
                
$success true;
            }
            else
            {
                
// Wrong password
            
}
        }
        else
        {
            
// The user does not exist
        
}

        
$stmt->close();
    }

    return 
$success;
}
Johnson_boy is offline   Reply With Quote
Old 01/12/2014, 11:51 PM   #39
ProKillerpa
High-roller
 
ProKillerpa's Avatar
 
Join Date: May 2013
Location: Rio Grande do Sul
Posts: 1,200
Reputation: 142
Default Re: Bcrypt

Nice
__________________
Nostalgia oque nos resta...
ProKillerpa is offline   Reply With Quote
Old 02/12/2014, 06:20 PM   #40
Nealll
Little Clucker
 
Join Date: Jun 2014
Posts: 4
Reputation: 0
Default Re : Bcrypt

Ok. Thanks you.
Nealll is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT. The time now is 10:06 AM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.