dmcdaid Posted December 27, 2006 Posted December 27, 2006 how do i make it that passwords are not encryptioned on the Database , Thanks Dave Quote
Decepti0n Posted December 27, 2006 Posted December 27, 2006 Re: no encryption you'd wanna do this why? :| Quote
kronow Posted December 27, 2006 Posted December 27, 2006 Re: no encryption because he wants to hack all his members lool Quote
dmcdaid Posted December 27, 2006 Author Posted December 27, 2006 Re: no encryption or if some1 forgets password,that i would be able to tell em it or change it Quote
dmcdaid Posted December 27, 2006 Author Posted December 27, 2006 Re: no encryption Wat u mean by remove the MD5 From the pages ? Quote
UCC Posted December 27, 2006 Posted December 27, 2006 Re: no encryption or if some1 forgets password,that i would be able to tell em it or change it Sure you can. Copy your encrypted password into their user info. Then you can login as them with your password and change it. Quote
seanybob Posted December 27, 2006 Posted December 27, 2006 Re: no encryption or if some1 forgets password,that i would be able to tell em it or change it Sure you can. Copy your encrypted password into their user info. Then you can login as them with your password and change it. or... send em an email with a special code that they can use to reset their password... simple stuff Quote
dmcdaid Posted December 27, 2006 Author Posted December 27, 2006 Re: no encryption yea but how do i just put it as Viewable in the DB Quote
seanybob Posted December 27, 2006 Posted December 27, 2006 Re: no encryption open register.php and login.php (or maybe authenticate.php, i forget) control + f search for md5 you will see something like md5($variable) just take off the md5 so it will look like this $variable now that i think about it... pretty sure its only in register and authenticate Quote
dmcdaid Posted December 27, 2006 Author Posted December 27, 2006 Re: no encryption so i would remove the md5 on md5('{$_POST['password']}') And this would now be.............................. Quote
UCC Posted December 27, 2006 Posted December 27, 2006 Re: no encryption so i would remove the md5 on md5('{$_POST['password']}') And this would now be.............................. This would now be time to give up because this is way beyond your skillset. {$_POST['password']} Quote
seanybob Posted December 28, 2006 Posted December 28, 2006 Re: no encryption so i would remove the md5 on md5('{$_POST['password']}') And this would now be.............................. shoot me... please... its hopeless... Quote
dmcdaid Posted December 28, 2006 Author Posted December 28, 2006 Re: no encryption i did that earlyer and it didnt work lol Quote
seanybob Posted December 28, 2006 Posted December 28, 2006 Re: no encryption depending where it is... you may need to keep the quotes '{$_POST['password']}' Quote
Decepti0n Posted December 28, 2006 Posted December 28, 2006 Re: no encryption just dont friggen do it they dont need to be reminded, if they forget, they can reset it also, its more trusting for the members if the owner doesn't know their password, and its more secure if someone d/ls your database its more work than its worth, and you can't just copy the md5'd string and use it as the password because that'd be hashed again, and they wont be able to login Quote
Revolution Posted December 30, 2006 Posted December 30, 2006 Re: no encryption I wont sign up for any game that I know doesn't encrypt my password - such a security risk. And it says alot about its owner... Quote
Astra Posted December 30, 2006 Posted December 30, 2006 Re: no encryption Thats very ture I find the encryption very useful just get a password reset mod for your site that mails the user their new password. Quote
ignite Posted March 4, 2007 Posted March 4, 2007 Re: no encryption My password change does not work i think it's because my passwords are encrypted. Any idea on what to edit in my password change file ? Quote
Vorlen Posted March 4, 2007 Posted March 4, 2007 Re: no encryption Yeah, it was posted at a different date on here by myself, and some others have posted it too, here it is. FIND IN PREFERENCES.PHP function pass_change() { global $ir,$c,$userid,$h; print "<h3>Password Change</h3><form action='preferences.php?action=passchange2' method='post'>Current Password: <input type='password' name='oldpw' /> New Password: <input type='password' name='newpw' /> Confirm: <input type='password' name='newpw2' /> <input type='submit' value='Change PW' /></form>"; } function do_pass_change() { global $ir,$c,$userid,$h; if($_POST['oldpw'] != $ir['userpass']) { print "The current password you entered was wrong. [url='preferences.php?action=passchange']> Back[/url]"; } else if($_POST['newpw'] !== $_POST['newpw2']) { print "The new passwords you entered did not match! [url='preferences.php?action=passchange']> Back[/url]"; } else { mysql_query("UPDATE users SET userpass='{$_POST['newpw']}' WHERE userid=$userid",$c); print "Password changed!"; } } REPLACE WITH function pass_change() { global $ir,$c,$userid,$h; print "<h3>Password Change</h3><form action='preferences.php?action=passchange2' method='post'>Current Password: <input type='password' name='oldpw' /> New Password: <input type='password' name='newpw' /> Confirm: <input type='password' name='newpw2' /> <input type='submit' value='Change PW' /></form>"; } function do_pass_change() { global $ir,$c,$userid,$h; if(md5($_POST['oldpw']) != $ir['userpass']) { print "The current password you entered was wrong. [url='preferences.php?action=passchange']> Back[/url]"; } else if($_POST['newpw'] !== $_POST['newpw2']) { print "The new passwords you entered did not match! [url='preferences.php?action=passchange']> Back[/url]"; } else { mysql_query("UPDATE users SET userpass=md5('{$_POST['newpw']}') WHERE userid=$userid",$c); print "Password changed!"; } } Quote
ignite Posted March 4, 2007 Posted March 4, 2007 Re: no encryption Thanks Vorlen that did it. If theres any think i can help you with just let me know. Quote
sever104 Posted March 5, 2007 Posted March 5, 2007 Re: no encryption As i have seen in previous posting's, People have said the person who requested this 'why' the wont the script. 1) Its there game, just tell them. 2) Whoever did tell the code. You must be great and the person must thank you for it. I'm not well-known to be good around here, but i changed my ways aswell. Thanks. Just wanted to add a note. Quote
tupelo Posted March 5, 2007 Posted March 5, 2007 Re: no encryption Easy way out? Most everyone has a dummy account that the owner or coder uses to test. Make that a general password. Copy the encrypted password form in the db to the user's password field in the database that has lost his password. Email them the new (non-encrypted) password. Viola! You can change your test account password as needed. Worked for me. Quote
twist_killer Posted March 5, 2007 Posted March 5, 2007 Re: no encryption wtf does encryption do? does it keep the password in database or dosen't?? Quote
sever104 Posted March 6, 2007 Posted March 6, 2007 Re: no encryption wtf does encryption do? does it keep the password in database or dosen't?? In your database its pos, to show the users password. 1) I do think its stuipd but the man who asked for it at the time didn't get good feedback. Quote
Jake Posted March 7, 2007 Posted March 7, 2007 Re: no encryption Seriously ... Just use a password reset script, there is no point in not having encrypted passwords. Mail me about a password reset script Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.