Advertisement
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Solved SimpleAuth Web API

Comments in 'Plugin Development' started by jjmc, Dec 16, 2015.

  1. jjmc
    Offline

    jjmc New Member

    Joined:
    Oct 18, 2015
    Posts:
    41
    Hi,
    I'm trying to make an online portal for my server where players can change their password, ...
    I'm using SimpleAuth and storing passwords in a MySQL database.
    Which hash does SimpleAuth use to encrypt the password?
    I've already looked in the code but i don't really understand it, maybe you could write an example how to do it on a website.
  2. Creeperface
    Offline

    Creeperface Notable Member Plugin Developer

    Joined:
    Nov 8, 2014
    Posts:
    1,346
    Plugins:
    4
    Minecraft User:
    CreeperFace
    just use the same code which uses simpleauth
  3. Lambo
    Offline

    Lambo Notable Member Plugin Developer

    Joined:
    Sep 14, 2013
    Posts:
    431
    Plugins:
    4
    Minecraft User:
    Lambo
    PHP:
    /**
    * Uses SHA-512 [http://en.wikipedia.org/wiki/SHA-2] and Whirlpool [http://en.wikipedia.org/wiki/Whirlpool_(cryptography)]
    *
    * Both of them have an output of 512 bits. Even if one of them is broken in the future, you have to break both of them
    * at the same time due to being hashed separately and then XORed to mix their results equally.
    *
    * @param string $salt
    * @param string $password
    *
    * @return string[128] hex 512-bit hash
    */
    private function hash($salt$password){
        return 
    bin2hex(hash("sha512"$password $salttrue) ^ hash("whirlpool"$salt $passwordtrue));
    }
    PEMapModder likes this.
  4. jjmc
    Offline

    jjmc New Member

    Joined:
    Oct 18, 2015
    Posts:
    41
    Sure, thats the part I understood, but how to call the function hash()?
    I'm trying to call hash("username", "cleartextpassword");, but there's an error:
    Warning: hash(): Unknown hashing algorithm: username in /***/htdocs/simpleauth_bridge/index.php on line 19

    Here's my code:

    PHP:
    <?php
    include 'db.inc.php';

    class 
    index {
        function 
    hash($salt$password){
            return 
    bin2hex(hash("sha512"$password.$salttrue) ^ hash("whirlpool"$salt.$passwordtrue));
        }
    }

    $name "username";

    $result $db->query('SELECT * FROM simpleauth_players WHERE name = "'.$name.'"');
    $row $result->fetch_assoc();

    echo 
    $row['hash'];

    echo 
    "<hr>";

    echo 
    hash(strtolower("username"), "nohackpwd");
    I've tried many things but it's always not the same hash like in database or there's an error. How to do that?
  5. basprohop
    Offline

    basprohop Active Member Plugin Developer

    Joined:
    Aug 8, 2015
    Posts:
    128
    Plugins:
    3
    Minecraft User:
    basprohop
    That's not how you use the hash function the first parameter is suppose to be an algorithm. That's why you get the error "hash(): Unknown hashing algorithm: username" because you are telling it to use "username" as the algorithm to hash the password. Also what going on with your Parentheses?
  6. Dinokiller
    Offline

    Dinokiller Notable Member

    Joined:
    Sep 22, 2013
    Posts:
    376
    Minecraft User:
    Dinokiller_
    He's implemented the hash function himself, read the thread carefully before answering please.



    hash() should not be in a class.
    PHP:
    function hash($salt$password){
            return 
    bin2hex(hash("sha512"$password.$salttrue) ^ hash("whirlpool"$salt.$passwordtrue));
    }

    $name "username";

    $result $db->query('SELECT * FROM simpleauth_players WHERE name = "'.$name.'"');
    $row $result->fetch_assoc();

    echo 
    $row['hash'];

    echo 
    "<hr>";

    echo 
    hash(strtolower("username"), "nohackpwd");
  7. jjmc
    Offline

    jjmc New Member

    Joined:
    Oct 18, 2015
    Posts:
    41
    Thank you, the error was very easy :)

    When I used function hash(), there was an error because this function already exists, so i renamed it to hashit() or something special, then it worked.
    PEMapModder likes this.
  8. basprohop
    Offline

    basprohop Active Member Plugin Developer

    Joined:
    Aug 8, 2015
    Posts:
    128
    Plugins:
    3
    Minecraft User:
    basprohop
    Regardless the error can be replicated using the default hash function, so I wasn't wrong at all. Which could also be a hint to properly implement his own function . So please try understanding where I'm coming from, rather than jumping on the train and assuming I didn't read the thread which wasn't the case at all.
    Last edited: Dec 17, 2015
    applqpak likes this.

Share This Page

Advertisement