Hashing method in RC6

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Anti-Spam Guide
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Locked
The Jarhead
Registered User
Posts: 1
Joined: Sun Oct 14, 2007 12:00 pm

Hashing method in RC6

Post by The Jarhead » Sun Oct 14, 2007 12:08 pm

Hi,

i'm using a script that relies on the phpbb user datebase table.
for the authentication i need to check if hash(password input)==user_password [as stored in the table]
how can i do this using the ne hashing algorithm in rc6 (without the phpbb user api)?

______

edit:
okay, i've already found the phpbb_check_hash function ....

proton2112
Registered User
Posts: 19
Joined: Sun Nov 27, 2005 1:02 am

Re: Hashing method in RC6

Post by proton2112 » Mon Oct 15, 2007 9:55 am

also wondering this

mecu
Registered User
Posts: 23
Joined: Mon Oct 15, 2007 1:13 pm
Location: Colorado, USA
Contact:

Re: Hashing method in RC6

Post by mecu » Mon Oct 15, 2007 1:21 pm

in functions.php found in install/update/new/includes/ directory are some functions that handle password and hashing:

phpbb_hash - hash the password
phpbb_check_hash - check for correct password
_hash_gensalt_private - Generate salt for hash generation
_hash_encode64 - Encode hash
_hash_crypt_private - The crypt function/replacement

Before the first function is this information:
/**
*
* @version Version 0.1 / $Id: functions.php,v 1.640 2007/10/09 21:04:21 kellanved Exp $
*
* Portable PHP password hashing framework.
*
* Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
* the public domain.
*
* There's absolutely no warranty.
*
* The homepage URL for this framework is:
*
* http://www.openwall.com/phpass/
*
* Please be sure to update the Version line if you edit this file in any way.
* It is suggested that you leave the main version number intact, but indicate
* your project name (after the slash) and add your own revision information.
*
* Please do not change the "private" password hashing method implemented in
* here, thereby making your hashes incompatible. However, if you must, please
* change the hash type identifier (the "$P$") to something different.
*
* Obviously, since this code is in the public domain, the above are not
* requirements (there can be none), but merely suggestions.
I have not figured out how to use all these yet. Is it possible to just include functions.php and call the function like "phpbb_check_hash($password)" or do we just has the password with phpbb_hash and check that against the value stored in the DB?

natatkinson
Registered User
Posts: 30
Joined: Thu Nov 10, 2005 2:00 am
Location: Illinois, USA
Contact:

Re: Hashing method in RC6

Post by natatkinson » Wed Oct 17, 2007 3:05 am

Yes, I have the same problem, and I need access to my phpbb database!! Any idea on the encryption/hashing used???

User avatar
Marshalrusty
Project Manager
Project Manager
Posts: 29247
Joined: Mon Nov 22, 2004 10:45 pm
Location: New York City
Name: Yuriy Rusko
Contact:

Re: Hashing method in RC6

Post by Marshalrusty » Wed Oct 17, 2007 3:11 am

You can find more information on this here http://www.phpbb.com/community/viewtopi ... 6&t=585387
Have comments/praise/complaints/suggestions? Please feel free to PM me.

Need private help? Hire me for all your phpBB and web development needs

Locked

Return to “[3.0.x] Support Forum”