Authentication Check [PHP]
Authentication Check [PHP]
// Thanks Tank
Last edited by Light on Tue Jan 20, 2015 2:25 pm, edited 1 time in total.
- Tank Program
- Forum & Project Admin, PhD
- Posts: 6711
- Joined: Thu Dec 18, 2003 7:03 pm
Re: Authentication Check [PHP]
Do @ct and aagid support md5 authentication? It looks like that's all your script is compatible with.
Re: Authentication Check [PHP]
Arma only supports md5, so they have to? Also, checking the methods return md5 as a valid option.Tank Program wrote:Do @ct and aagid support md5 authentication? It looks like that's all your script is compatible with.
http://ct.authentication.armagetronad.n ... ry=methods
Code: Select all
METHODS webform,md5,bmd5
Code: Select all
methods md5,bmd5
- kyle
- Reverse Outside Corner Grinder
- Posts: 1876
- Joined: Thu Jun 08, 2006 3:33 pm
- Location: Indiana, USA, Earth, Milky Way Galaxy, Universe, Multiverse
- Contact:
Re: Authentication Check [PHP]
I think that is where the problem is, authorities can control the way that the md5 is generated, I am pretty sure cts packs the username in there someplaceCode: Select all
// Get the hash ready. $passHash = $prefix . $pass . $suffix; $packedSalt = pack("H*", $salt); $packedPass = pack('H*', $passHash); $hash = md5($packedPass . $packedSalt)
Re: Authentication Check [PHP]
That would be inside the prefix or suffix, which is included in $passHash. I can echo it out to show you ..kyle wrote:I think that is where the problem is, authorities can control the way that the md5 is generated, I am pretty sure cts packs the username in there someplace
Code: Select all
Light:aaauth:{MD5 PASS REMOVED}:crazy-tronners.com
- Tank Program
- Forum & Project Admin, PhD
- Posts: 6711
- Joined: Thu Dec 18, 2003 7:03 pm
Re: Authentication Check [PHP]
I guess we never got around to putting SHA1 into the game. Maybe another thing for 0.4?
Reading through the code in more detail, I suspect your %u substitution may be at fault, and or something to do with the rest of the prefix/suffix code. forums, rx, and lt, don't use them, while ct & aagid do. %u will be case sensitive to exactly how it is in the database. Specifically, I think you needto becomeand then to changeto. If I do that, I can produce working code.
Reading through the code in more detail, I suspect your %u substitution may be at fault, and or something to do with the rest of the prefix/suffix code. forums, rx, and lt, don't use them, while ct & aagid do. %u will be case sensitive to exactly how it is in the database. Specifically, I think you need
Code: Select all
$passHash = $prefix . $pass . $suffix;
Code: Select all
$passHash = md5($prefix . $pass . $suffix);
Code: Select all
$pass = md5($_POST['password']);
Code: Select all
$pass = $_POST['password'];
Re: Authentication Check [PHP]
Tank, I love you! lol Stupid mistakes cost too much frustration. Thanks for catching that.
Re: Authentication Check [PHP]
hey light, how use the method webform?Light wrote:// Thanks Tank
Re: Authentication Check [PHP]
Dude, you're so far off topic in this thread. Don't dig up irrelevant posts from their grave. Use your current thread on the topic you're asking about.qqNob wrote:hey light, how use the method webform?Light wrote:// Thanks Tank
Re: Authentication Check [PHP]
My bad! I approved the post thinking it was in the other thread, leaving my 'does this even make sense' filter turned off.