How Can I Create phpfusions's sha256 password?: PHPFusion 8 Support

Home
Search

Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.

Hi, I want to verify phpfusion's password with input $_POST[] password. But I cant do it.
How can i create and verify password?
Thanks...

0 replies

To the best of my knowledge, the way it works is that your hash string is what's stored into the database. So to verify, you would compare a newly hashed string, to the existing stored hash from the database.

Here's an example of how to create the hash using sha256 algorithm:

Code Download source

echo hash('sha256', 'Encrypted Password');

Will prodocue:

Quote

bb1faba95e2a6eb5e9550dcd50b4b36e9457104bd16ee41ed059056e8db57576

Perhaps if you elaborate on what you're wanting to accomplish, there may be an easier way to help you.

0 replies

0 replies

Are you sure your password is not MD5 encrypted.
PF 7.0.2.7 still has the option to use MD5

0 replies

The passwords in PHPFusion are salted, the salt always changes when you login so that password you see stored in the DB will always change.
More details in code https://github.com/PHPFusion/PHPFusion/blob/9.00/includes/classes/PHPFusion/Authenticate.php#L50

0 replies

[size=16]Generate Salt & Password Hash[/size]

Code Download source

$salt = sha1($_POST['password'], substr($_POST['password'], 12));
$password = hash_hmac('sha256', $_POST['password'], $salt);

[size=16]Verify Example[/size]

Code Download source

Authenticate::setUserCookie(USER_ID, $salt, "sha256", $remember, true);

Edited by NetriX on 20-02-2015 07:41, 9 y

0 replies

Code Download source

<?php
    $salt = sha1(";5qyg,1y8a5l&", substr(";5qyg,1y8a5l&", 12));
    $password = hash_hmac('sha256', ";5qyg,1y8a5l&", $salt);
    echo $password;
?>

Returns "356ba08930db3166c1f1f31568f16a1ed37159e244f0a32f66cddf84a467c6b8".

My encrypted password is (from phpfusion database): "1406122486491ab69852464d1da21df4f3f1489f2882fe784e3a3ce8175946ac"

0 replies

Code Download source


$my_pass = /PHPFusion/Defender::token('Enter Your Password Here');
$validate = /PHPFusion/Defender::return_token('Enter Your Password Here', $my_pass);

if ($validate) {
// do something
}

return_token function returns true or false (Boolean).

0 replies

Quote

My encrypted password is (from phpfusion database): "1406122486491ab69852464d1da21df4f3f1489f2882fe784e3a3ce8175946ac"
- by bgencacat

For detailed information, you should check out my Register/Login with Facebook Infusion here.

/infusions/connect/index.php has Register/Login/Authentication usage.

0 replies

Category Forum

System Administration - 8

Labels

None yet

Statistics

Views 0 views
Posts 8 posts
Votes 0 votes
Topic users 6 members

6 participants

Notifications

Track thread

You are not receiving notifications from this thread.

How Can I Create phpfusions's sha256 password?

8 posts

PHPFusion

Resources

Community

Development