php mysql integration

Question

Giedrius 0 Newbie Poster

12 Years Ago

Hello guys i have a little problem with integration..Im using flashcoms WebcamChat trying to use integration so that can ppl login in to chat if they are registred on my website...

The integration is work ok but the problem is password in mysql User_tabe passwords is not a simple they are 40 characters long ones i think md5 or sha1 i don't know...

So if im trying to login with long password 40 characters it pass.But if i type simple one it Faill...

Is there anyone can help to make it work?

Website Im using is Skadate 8

Here is the code of flashcoms integration..

<?php

//Connect to users database
$db = mysql_connect('localhost','root','123456') or die(mysql_error());
mysql_select_db('dating',$db) or die(mysql_error());

//Init request parameters
$userName = (isset($_REQUEST["user_name"])) ? urldecode($_REQUEST["user_name"]) : "";
$password = (isset($_REQUEST["password"])) ? urldecode($_REQUEST["password"]) : "";
$uid = (isset($_REQUEST["uid"])) ? urldecode($_REQUEST["uid"]) : "";

//Check if user filled login and password in the login screen (Chat authorization)
if($userName != "" && $password != "")
{
  $sql = "SELECT * FROM skadate_profile WHERE username='".$userName."' AND password='".$password."'";
}
//session/cookie base authorization (Auto login)
else if ($_SESSION['user_id']!="")
{
  $sql = "SELECT * FROM users_table WHERE id='".$_SESSION["user_id"]."'";
}
// Non session/cookie based autologin authorization
else if ($uid!="")
{
  $sql = "SELECT * FROM users_table WHERE id='".$_GET['uid']."'";
}
else
{
  echo '<auth error="AUTH_ERROR" />';
  exit;
}

//Select user data
$result = mysql_query($sql,$db);

if(mysql_num_rows($result)==1)
{
  //User found. get user info
  $usersInfo = mysql_fetch_array($result);

  $photo = 'http://www.yourdomain.com/images/photos/'.$usersInfo['id'].'.png';
  $photoModeImage = 'http://www.yourdomain.com/images/photos_small/'.$usersInfo['id'].'.png';

  $answer = '<auth>';
  $answer .= '<userName><![CDATA['.$userName.']]></userName>';
  $answer .= '<gender>'.$usersInfo['gender'].'</gender>'; //male, female or couple
  $answer .= '<level>'.$usersInfo['level'].'</level>';
  $answer .= '<photo><![CDATA['.$photo.']]></photo>';
  $answer .= '<photoModeImage><![CDATA['.$photoModeImage.']]></photoModeImage>';
  $answer .= '</auth>';
  echo $answer;
  exit;
}
else
{
  //User not found OR authorization failed
  echo '<auth error="AUTH_ERROR" />';
  exit;
}

?>

mysql php

2 Contributors
2 Replies
226 Views
1 Day Discussion Span
Latest Post 12 Years Ago Latest Post by Giedrius

broj1 356 Humble servant

12 Years Ago

If password which is stored in the password database field is hashed (using md5 or sha1 function) then you have to also hash the password provide by the user (typed into a login form) and compare the hashes.

$hashed_password = sha1($passwod);
// ...
$sql = "SELECT * FROM skadate_profile WHERE username='".$userName."' AND password='".$hashed_password."'";

If all stored passwords are 40 chars long and have no reasonable meaning then they have probably been hashed with sha1 which by default produces 40 chars hash.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Giedrius 0 Newbie Poster · Answer 1 · 2011-11-30T08:34:11+00:00

it doesn't work dunno whats wrong same only with 40 chars i can connect simple password doesn't work