Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 Programming Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 02-16-2008, 02:41 AM
ComputerModding ComputerModding is offline
 
Join Date: Sep 2007
Posts: 21
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Login Script help!

This should be quick and simple I hope

I have two servers, on server one I have a VB board with 5,500 + members. On server 2 I have a script I have written myself in PHP for the members to use, so I would like to use the members table on server one for my custom script, that bit is easy and the two servers are already talking to eachother fine.

I have written members scripts before but trying to reverse programme the VB login code is a little over my head, in the past I have just used SHA1, MD5 or a combination of the two for a registration and member login page, but I see from the database that VB uses a password salt.

Can anybody advise on the code used to encrypt a users password using the salt so I can make my custom script encrypt and compare the passwords of my VB? this will save my members alot of time having to re-register an account just to use the script ( I have googled this over the past few days and so far not found anything concreat that I can use)

Thanks in advance

Kevin
Reply With Quote
  #2  
Old 02-16-2008, 06:41 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

https://vborg.vbsupport.ru/showthrea...highlight=salt

See: Authentication Storage
Reply With Quote
  #3  
Old 02-18-2008, 01:51 AM
ComputerModding ComputerModding is offline
 
Join Date: Sep 2007
Posts: 21
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thats just what I needed cheers Marco.

Thought even VB would of moved over to using sha1 by now md5 is still good with triple encryption though.
Reply With Quote
  #4  
Old 02-19-2008, 09:33 AM
baca85 baca85 is offline
 
Join Date: Jan 2008
Posts: 3
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

niether sha1 or md5 are actually secure now not without a salt. Personally I use the newer sha2 algorithms with a salt.
Reply With Quote
  #5  
Old 02-19-2008, 09:48 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

vBulletin will probably never move off the current algorithm because it would be a pain to do so. And many people don't have hash() installed and enabled.
Reply With Quote
  #6  
Old 02-19-2008, 09:53 AM
baca85 baca85 is offline
 
Join Date: Jan 2008
Posts: 3
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

well its enabled by default in php5 and since php6 is coming out soon and php4 now no longer being supported more people with have hash install and enabled by default surely. However i do agree it would be a pain in the backside to convert all the passwords for users but surely having the option to use sha1 and sha2 should be an option?
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:36 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07440 seconds
  • Memory Usage 2,201KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (6)post_thanks_box
  • (6)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (6)post_thanks_postbit_info
  • (6)postbit
  • (6)postbit_onlinestatus
  • (6)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete