I would like to use the oxwall user database for an external chatroom.
I know nothing about hashes.
I can access the user data base and can access the username and password but the password is hashed.
All I want to do is make a snippet of php to check the username and password and return true of false.
The snippet would be something like the one below.
I just want to know how I can hash my user submitted password in the same was as Oxwall did when it stores the passwords.
<?php
/* Check user details */
$passwordHash = sha1($_POST['password']);
$sql = 'SELECT username FROM user WHERE username = $username AND passwordHash = $passwordHash';
$result = $db->query($sql, array($_POST['username'], $passwordHash));
if ($result->numRows() < 1)
{
/* Access denied */
echo 'Sorry, your username or password was incorrect!';
}
else
{
/* Log user in */
printf('Welcome back %s!', $_POST['username']);
}
?>
We build. You grow.
Get best community software hereStart a social network, a fan-site, an education project with oxwall - free opensource community software
Authenticate a signature. | Forum
John
Jan 14 '13
I already found the answer
Get the salt key from /ow_includes/config.php
Then use this function.
function genenrate_password($salt,$pass){
$password_hash = '';
$mysalt = $salt;
//$password_hash= hash('SHA256', "".$mysalt."".$pass."");
$password_hash= hash('SHA256', "$mysalt"."$pass");
return $password_hash;
}
$salt ="5435gdgrey46";
$plain_pass = "myweakpassword"; /* any password/text collected from user input */
echo "My Hash Password Is: ".genenrate_password($salt , $plain_pass);
I got most of this from here
http://www.developmentwall.com/...ord-hash-sha256-php/
Get the salt key from /ow_includes/config.php
Then use this function.
function genenrate_password($salt,$pass){
$password_hash = '';
$mysalt = $salt;
//$password_hash= hash('SHA256', "".$mysalt."".$pass."");
$password_hash= hash('SHA256', "$mysalt"."$pass");
return $password_hash;
}
$salt ="5435gdgrey46";
$plain_pass = "myweakpassword"; /* any password/text collected from user input */
echo "My Hash Password Is: ".genenrate_password($salt , $plain_pass);
I got most of this from here
http://www.developmentwall.com/...ord-hash-sha256-php/
