Where does the MD5 hash get put in the DB?
DB question
01/28/2010 06:56
LordVolk#1
01/28/2010 07:12
janvier123#2
account.dbo.user_profile
01/28/2010 07:15
LordVolk#3
Thanks
01/28/2010 07:22
janvier123#4
Dont post "thanks" but press [Only registered and activated users can see links. Click Here To Register...]
you may get a warning about that so ...
you may get a warning about that so ...
01/28/2010 08:08
=Warmonger=#5
I find it quite awkward how on both inserts of account information. USER_PROFILE passwords MD5(32) hashed and TBL_USER is not... Has anyone tried using hashed passwords in TBL_USER? Quite weird how they would hash one tables passwords for security yet you can just return rows from TBL_USER and get all the original passwords without cracking the hash.
01/28/2010 08:21
Nosferatu.#6
well you never , never in you live can crack a md5 hash :)) That is a "hash" not a endcoded string.
and Yes you can Restore USER_PROFILE with Tbl_user
and Yes you can Restore USER_PROFILE with Tbl_user
PHP Code:
$con = @mssql_connect($mssql['host'],$mssql['user'],$mssql['pass']);
$result1 = mssql_query("SELECT user_no,user_id,user_pwd FROM account.dbo.Tbl_user",$con) or die('error1');
while($row1 = @mssql_fetch_row($result1)) {
$result1 = mssql_query("INSERT INTO account.dbo.USER_PROFILE (user_no,user_id,user_pwd,resident_no,user_type,login_flag,login_tag,ipt_time,login_time,logout_time,user_ip_addr,server_id) VALUES ('".$row1[0]."','".$row1[1]."','".md5($row1[2])."','801011000000','1','0','Y','',null,null,null,'000')",$con) or die('error2');
}
01/28/2010 08:31
Decima#7
the reason its like that, is because tbl_user isnt really even used, it was for website login and such at sometime, but if you try it, u dont even have to make an entry in tbl_user, just user_profile, and ur account will work just fineQuote:
I find it quite awkward how on both inserts of account information. USER_PROFILE passwords MD5(32) hashed and TBL_USER is not... Has anyone tried using hashed passwords in TBL_USER? Quite weird how they would hash one tables passwords for security yet you can just return rows from TBL_USER and get all the original passwords without cracking the hash.
and @scott, seems pretty funny to me that u promise all this great stuff for ur server, like TWO new classes, but u have to ask how to add coins, and didnt know which table used the hash for the password lmfao