Hash 256

You gave yourself problems there. The next time the user logged in it would of changed to sha anyway.

Thanks for your response Craig, and I realized that I probably screwed things up. The question is now can it be fixed? Is there a script (or some code) that will change the md5 to the algorithm that is currently used? I noticed in one of the previous posts that this version is using an hmac_sha256 which is why my online sha256 generator did not match.

To be honest I have no idea about that kind of stuff, password algorithms is something I know little about. Only thing I can suggest is hopefully you have a recent backup you could just restore it.

As it is very early in the morning in Europe, I am hopeful that someone may have an idea of some code. Thanks again for your response. Evidently sleep is something that you need very little of as I see your posts at all hours of the day or night.

F***ing cat woke me up. lol :)

afoster, MD5 or SHA of any kind is one way encryption. This is the purpose of even using a hash code. If someone has it, they are unable to decrypt, so to say. Although you could compare a hash with another hash, in an effort to retrieve the supporting text.

And doing encryption in PHP is very simple.

MD5:
[syntaxhighlighter brush=php,first-line=1,highlight=0,collapse=false,html-script=false]hash('md5', 'string text to encrpyt';[/syntaxhighlighter]

SHA256:
[syntaxhighlighter brush=php,first-line=1,highlight=0,collapse=false,html-script=false]hash('sha256', 'string text to encrpyt';[/syntaxhighlighter]

There are many other ways to encrypt, but for the sake of keeping syntax copacetic, hash function would work great. Craig is right, restoring a recent backup is your best be I believe.

Thanks to both of you and I have already restored a backup so everything is cool.

Regarding your code Kaster, since phpfusion seems to use hmac_sha256, would your code work?

You'll have to forgive my unweaned previous post.

Let's clear this up:

SHA256 is one way encryption that requires a string to be encrypted.

HMAC will require the use of a key, such as a salt. I did not realize this until further research. Honestly I'd have to look into this further. But I have no computer to use at home at the moment, and will not for a while (I now know Craig's pain haha).

The answer is no. This is not the same at all. My code does produce the hashes, but not for what you're needing it for. Sorry bud.

EDIT:

Here's an example, just for the record:

[syntaxhighlighter brush=php,first-line=1,highlight=0,collapse=false,html-script=false]$hmac = hash_hmac( "sha256", utf8_encode("Filename", utf8_encode("123456");[/syntaxhighlighter]
[ulist=circle]The '123456' is being used as a key[/ulist]

Thanks again for your response KasteR. Since I have no way of knowing what key is/was used, there is not much I can do. I did learn something about this encryption process though. Thanks again.

Anytime. And sorry, just really limited at the moment. But at least you got it sorted out.

And also, I believe the key would be the salt, which happens to be a hash as well. Gets pretty complicated. Now you can see why there was a change. A lot more secure.