vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)
-   -   Login Script help! (https://vborg.vbsupport.ru/showthread.php?t=170635)

ComputerModding 02-16-2008 02:41 AM
Login Script help!
 
This should be quick and simple I hope :)

I have two servers, on server one I have a VB board with 5,500 + members. On server 2 I have a script I have written myself in PHP for the members to use, so I would like to use the members table on server one for my custom script, that bit is easy and the two servers are already talking to eachother fine.

I have written members scripts before but trying to reverse programme the VB login code is a little over my head, in the past I have just used SHA1, MD5 or a combination of the two for a registration and member login page, but I see from the database that VB uses a password salt.

Can anybody advise on the code used to encrypt a users password using the salt so I can make my custom script encrypt and compare the passwords of my VB? this will save my members alot of time having to re-register an account just to use the script ( I have googled this over the past few days and so far not found anything concreat that I can use)

Thanks in advance

Kevin

Marco van Herwaarden 02-16-2008 06:41 AM
https://vborg.vbsupport.ru/showthrea...highlight=salt

See: Authentication Storage

ComputerModding 02-18-2008 01:51 AM
Thats just what I needed cheers Marco.

Thought even VB would of moved over to using sha1 by now :) md5 is still good with triple encryption though.

baca85 02-19-2008 09:33 AM
niether sha1 or md5 are actually secure now not without a salt. Personally I use the newer sha2 algorithms with a salt.

Dismounted 02-19-2008 09:48 AM
vBulletin will probably never move off the current algorithm because it would be a pain to do so. And many people don't have hash() installed and enabled.

baca85 02-19-2008 09:53 AM
well its enabled by default in php5 and since php6 is coming out soon and php4 now no longer being supported more people with have hash install and enabled by default surely. However i do agree it would be a pain in the backside to convert all the passwords for users but surely having the option to use sha1 and sha2 should be an option?


All times are GMT. The time now is 08:59 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00942 seconds
  • Memory Usage 1,720KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (6)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete