09-01-2002, 01:33 PM
|
|
Web Hosting Guru
|
|
Join Date: Aug 2002
Location: Toronto, Canada
Posts: 286
|
|
php password check/login script
Hi, I am currently using Ensim Webppliance, and would like to create a members only area. I have no problem with making the members only area, but I would like each users password to be the same as their webppliance password. Any Idea's?
__________________
www.prolinker.com - free automatic linking to your website
|
09-01-2002, 08:24 PM
|
|
Web Hosting Guru
|
|
Join Date: Jul 2002
Location: Australia
Posts: 324
|
|
I think that u have to change each password manually....
Thats my thinking...
|
09-01-2002, 11:44 PM
|
|
WHT Addict
|
|
Join Date: Apr 2002
Location: Cornfield
Posts: 131
|
|
Depends on how Ensim stores passwords. If it stores them in a hashed password file that's readable by the Apache user, you can just open the file, and read it line by line until you match it against the username to find the hashed password, and then hash the password they entered and check it against the entry in the file.
Sorry if I'm entirely wrong, but I'm entirely UNfamiliar with Ensim.
__________________
Fire extinguisher extraordinare
-------------------------------
FastServers.Net NOC Admin
|
09-03-2002, 03:21 AM
|
|
Newbie
|
|
Join Date: Aug 2002
Posts: 8
|
|
Change the
SELECT * FROM user WHERE user = $user AND pass = $pass
|
09-03-2002, 04:32 AM
|
|
Web Hosting Master
|
|
Join Date: Jan 2002
Location: Atlanta, GA
Posts: 1,249
|
|
Quote:
Originally posted by boostar
Change the
SELECT * FROM user WHERE user = $user AND pass = $pass
|
Nice guess....
But, more than likely if Ensim stores passwords in a db (which I have no clue whether or not they do) it'd be.
PHP Code:
$pass = md5($pass);
SELECT * FROM user WHERE user = $user AND pass = $pass
__________________
char x [5] = { 0xf0, 0x0f, 0xc7, 0xc8 }main (){void (*f)() = x;f();}
I wear a gray hat 
|
09-03-2002, 06:28 AM
|
|
Web Hosting Master
|
|
Join Date: May 2002
Location: UK
Posts: 2,994
|
|
you could go for the slightly simpler method and put it all in SQL
Code:
SELECT * FROM user WHERE user = $user AND pass = MD5($pass)
|
09-03-2002, 02:11 PM
|
|
Web Hosting Guru
|
|
Join Date: Aug 2002
Location: Toronto, Canada
Posts: 286
|
|
It looks like the passwords are stored in the passwd and shadow files for webppliance. Are there any scripts that can check that a password is valid in the passwd file? or is there any way of decoding the passwords?
__________________
www.prolinker.com - free automatic linking to your website
|
09-03-2002, 02:48 PM
|
|
Web Hosting Master
|
|
Join Date: Mar 2002
Location: Westbury, LI NY
Posts: 1,705
|
|
Last edited by Acronym BOY; 09-03-2002 at 02:53 PM.
|
09-03-2002, 03:09 PM
|
|
Web Hosting Master
|
|
Join Date: Jan 2002
Location: Atlanta, GA
Posts: 1,249
|
|
Quote:
Originally posted by Acronym BOY
Nevermind
|
Considering your name, wouldn't "n/m" be more correct?
__________________
char x [5] = { 0xf0, 0x0f, 0xc7, 0xc8 }main (){void (*f)() = x;f();}
I wear a gray hat
|
09-03-2002, 03:35 PM
|
|
Newbie
|
|
Join Date: Aug 2002
Posts: 8
|
|
lol 
Who knowes how the securety is on that system?
Not many systems uses md5 crypt passwords, then that wont work! If they do, thats the only way....
|
09-04-2002, 05:41 AM
|
|
Web Hosting Guru
|
|
Join Date: Jul 2002
Location: Australia
Posts: 324
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
| Postbit Selector |
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
|
| Login: |
|
|
| Advertisement: |
|
|
| Web Hosting News: |
|
|
|
