The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
how to hash or md5 userid
Hi everyone
what I am trying to do is how can I hash user id such as https://vborg.vbsupport.ru/member.php?u=219992 i want hash these number or MD5 it can I ? |
#2
|
|||
|
|||
Do you mean you want to do that everywhere a userid is used in a url? Or just one place?
If you don't mind my asking, why would you want ot do that? I'm asking because if you did hash the userid, I don't know how the code would figure out which user your meant except by starting with 1 and hashing all user ids until one matched, and anyone could do that. |
#3
|
|||
|
|||
Just find it
|
#4
|
||||
|
||||
I think it would be easier to add a new field to the user and have unique ids in it, while that would take a bit of coding it would be less work then changing their user id.
|
#5
|
|||
|
|||
I know what you mean now, you just want to put something as a parameter that can't be guessed so people can't cheat. You could hash the user id (maybe concatenating it with some "secret" string value), but the only way to get back the userid would be to calculate the has value for each id until you find one that matches. Or you could do something like is mentioned above. You don't have to add a column to the user table, you could make a new table and just use any random value as a id into the table (this is how activation and password changes work, using the useractivation table. Maybe you could figure out a way to use that same table).
Or maybe you just wanted to know the name of the php function? It's md5(). |
#6
|
|||
|
|||
Quote:
register.php?referrerid=1&invite=5808409b7ba1463c0 d518dca3bb31d0e See, If I want add the hash how can I ? |
#7
|
||||
|
||||
I would stay away from the hash idea , how are you going to find the correct member? If you check each user that could put a strain on the server if you have a lot of members.
|
#8
|
|||
|
|||
Quote:
Well, you could include the userid and also a hash to check the validity. Is that what you mean? It probably wouldn't be really great security-wise, but it might be good enough for your purpose. You could do something like make a secret phrase that you define in your code, then to produce the "invite" parameter, make a hash of the phrase with the userid, like Code:
$referrerid = 10; // userid of referer $secret = "This is a secret"; $invite = md5($secret . $referrerid); Then when the link is clicked you can do the same thing (because you'll have the userid in the "referrerid" parameter) and compare them. With this scheme, an uninvited person trying to register won't know how to create the right hash value to look like they were refered by a certain user, but of course once someone knows one of the hash values, it can be used again and again, which is why the other idea of storing a random value in a db table is better. |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|