Jump to content
MakeWebGames

no encryption


dmcdaid
 Share

Recommended Posts

Re: no encryption

 

or if some1 forgets password,that i would be able to tell em it or change it

Sure you can. Copy your encrypted password into their user info. Then you can login as them with your password and change it.

or... send em an email with a special code that they can use to reset their password... simple stuff

Link to comment
Share on other sites

Re: no encryption

open register.php and login.php (or maybe authenticate.php, i forget)

control + f

search for md5

you will see something like

md5($variable)

 

just take off the md5 so it will look like this

$variable

now that i think about it... pretty sure its only in register and authenticate

Link to comment
Share on other sites

Re: no encryption

just dont friggen do it

they dont need to be reminded, if they forget, they can reset it

also, its more trusting for the members if the owner doesn't know their password, and its more secure if someone d/ls your database

its more work than its worth, and you can't just copy the md5'd string and use it as the password because that'd be hashed again, and they wont be able to login

Link to comment
Share on other sites

  • 2 months later...

Re: no encryption

Yeah, it was posted at a different date on here by myself, and some others have posted it too, here it is.

 

FIND IN PREFERENCES.PHP

 

function pass_change()
{
global $ir,$c,$userid,$h;
print "<h3>Password Change</h3><form action='preferences.php?action=passchange2' method='post'>Current Password: <input type='password' name='oldpw' />

New Password: <input type='password' name='newpw' />

Confirm: <input type='password' name='newpw2' />

<input type='submit' value='Change PW' /></form>";
}
function do_pass_change()
{
global $ir,$c,$userid,$h;
if($_POST['oldpw'] != $ir['userpass'])
{
print "The current password you entered was wrong.

[url='preferences.php?action=passchange']> Back[/url]";
}
else if($_POST['newpw'] !== $_POST['newpw2'])
{
print "The new passwords you entered did not match!

[url='preferences.php?action=passchange']> Back[/url]";
}
else
{
mysql_query("UPDATE users SET userpass='{$_POST['newpw']}' WHERE userid=$userid",$c);
print "Password changed!";
}
}

 

REPLACE WITH

 

function pass_change()
{
global $ir,$c,$userid,$h;
print "<h3>Password Change</h3><form action='preferences.php?action=passchange2' method='post'>Current Password: <input type='password' name='oldpw' />

New Password: <input type='password' name='newpw' />

Confirm: <input type='password' name='newpw2' />

<input type='submit' value='Change PW' /></form>";
}
function do_pass_change()
{
global $ir,$c,$userid,$h;
if(md5($_POST['oldpw']) != $ir['userpass'])
{
print "The current password you entered was wrong.

[url='preferences.php?action=passchange']> Back[/url]";
}
else if($_POST['newpw'] !== $_POST['newpw2'])
{
print "The new passwords you entered did not match!

[url='preferences.php?action=passchange']> Back[/url]";
}
else
{
mysql_query("UPDATE users SET userpass=md5('{$_POST['newpw']}') WHERE userid=$userid",$c);
print "Password changed!";
}
}
Link to comment
Share on other sites

Re: no encryption

As i have seen in previous posting's, People have said the person who requested this 'why' the wont the script.

1) Its there game, just tell them.

2) Whoever did tell the code. You must be great and the person must thank you for it.

I'm not well-known to be good around here, but i changed my ways aswell.

Thanks.

Just wanted to add a note.

Link to comment
Share on other sites

Re: no encryption

Easy way out? Most everyone has a dummy account that the owner or coder uses to test. Make that a general password. Copy the encrypted password form in the db to the user's password field in the database that has lost his password. Email them the new (non-encrypted) password. Viola! You can change your test account password as needed. Worked for me.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...