Uridium Posted March 15, 2014 Share Posted March 15, 2014 This small but hopefully helpful addon will stop multis by password and IP just add this below where it checks for username You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Quote Link to comment Share on other sites More sharing options...
Guest Posted March 15, 2014 Share Posted March 15, 2014 This small but hopefully helpful addon will stop multis by password and IP just add this below where it checks for username You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Password is a bad idea imo, sure it might detect it, but I bet some of your users have the same password ^_^. However thanks for your contribution. Quote Link to comment Share on other sites More sharing options...
Reecey12345 Posted March 15, 2014 Share Posted March 15, 2014 Password is a bad idea imo, sure it might detect it, but I bet some of your users have the same password ^_^. However thanks for your contribution. could that just be changed from ['password'] to ['username'] or ID? Quote Link to comment Share on other sites More sharing options...
Uridium Posted March 15, 2014 Author Share Posted March 15, 2014 could that just be changed from ['password'] to ['username'] or ID? Yes it can be done Quote Link to comment Share on other sites More sharing options...
MNG Posted March 15, 2014 Share Posted March 15, 2014 Password is a bad idea imo, sure it might detect it, but I bet some of your users have the same password ^_^. However thanks for your contribution. Same password O_o lol that would be very uncommon I looked over one of my database with 412 users and I have never came across any user with the same password unless it was a multi which was identified by the IP. Quote Link to comment Share on other sites More sharing options...
Guest Posted March 15, 2014 Share Posted March 15, 2014 Same password O_o lol that would be very uncommon I looked over one of my database with 412 users and I have never came across any user with the same password unless it was a multi which was identified by the IP. How are you storing your passwords.. you shouldn't be able to tell if any are the same at all Quote Link to comment Share on other sites More sharing options...
Dominion Posted March 15, 2014 Share Posted March 15, 2014 Same password O_o lol that would be very uncommon I looked over one of my database with 412 users and I have never came across any user with the same password unless it was a multi which was identified by the IP. It's not uncommon at all. There are a lot of commonly used passwords around. That aside why are you checking your user's passwords (or even able to)? O.o Quote Link to comment Share on other sites More sharing options...
sniko Posted March 15, 2014 Share Posted March 15, 2014 It's not uncommon at all. There are a lot of commonly used passwords around. That aside why are you checking your user's passwords (or even able to)? O.o As this is for McCodes, and McCodes uses md5 by default - which doesn't use a salt, thus giving the same encrypted string for a password ("hello" = "5d41402abc4b2a76b9719d911017c592") - we're able to check. Quote Link to comment Share on other sites More sharing options...
Guest Posted March 15, 2014 Share Posted March 15, 2014 As this is for McCodes, and McCodes uses md5 by default - which doesn't use a salt, thus giving the same encrypted string for a password ("hello" = "5d41402abc4b2a76b9719d911017c592") - we're able to check. Oh yeh I forgot people don't actually encrypt there passwords >.<. They should ban md5 for passwords haha Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted March 15, 2014 Share Posted March 15, 2014 My registration system I'm making will be different ;) Quote Link to comment Share on other sites More sharing options...
MNG Posted March 15, 2014 Share Posted March 15, 2014 How are you storing your passwords.. you shouldn't be able to tell if any are the same at all I like steal my members passwords and try to hack anything they own.... I use GRPG so it don't hash the password like mccode does, well I have hash all my passwords with md5 about 2 months ago. Just having the forget password problem now but I really haven't been looking up ways to solve that part so not a big deal for that part. Also most people aren't like me, I get bored and wonder how many old people from my old games join my new ones. I mostly look at the name and the password table is like under it so with that being said it's kind of hard not to see their passwords. The database was like about 2 years old so it's no biggie, I never sell my players info and I am in that state to make a mass e mailer when I have free time on my hand so I could use all my databases to get players to join my game that is being worked on. Quote Link to comment Share on other sites More sharing options...
Zettieee Posted March 15, 2014 Share Posted March 15, 2014 @MNG - for your forgot problem, give them a new password and email it to them. Quote Link to comment Share on other sites More sharing options...
MNG Posted March 15, 2014 Share Posted March 15, 2014 @MNG - for your forgot problem, give them a new password and email it to them. Yeah, when it does that it send the md5 hash, but I am sure I could just add the md5 <--> password to it. Yeah, these aren't big problems for me I just been busy with work so i never have a chance to developer but all of it will be done before it's released. Quote Link to comment Share on other sites More sharing options...
Zettieee Posted March 15, 2014 Share Posted March 15, 2014 Just do this: $randnum = mt_rand(1,999999999); $newpass = $randnum; $insertpw = md5($newpass); Send $newpass to the email and insert $inserpw to the database.. Ofc tell the user to change the password. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.