Obviously you miss the point
I can't take the password from the player file and use it directly.
I can't use the rom password directly, because php does NOT recognize the
encryption method used here. I've tried with crypt, md5, blowfish.
If rom uses custom passwords, then I'll just have to find some other way to
deal with this (to grab the player password as they type it in somehow is
probably the easiest way to do it).
in this case, it's not as simple as comparing X to Y because there IS no
comparison between the two as far as I've seen. The passwords are encrypted
in some unstandard (??) way from the best that I can find. The question was
(and still is) how is this encrypted, and if it's not standard, how to
convert that to an md5 encryption, or system crypt(), or blowfish, ANYTHING
that php would recognize as an encryption method.
On Sunday 22 September 2002 10:11 pm, Dale Kingston wrote:
> if (strcmp (crypt (argument, ch->pcdata->pwd),
> ch->pcdata->pwd)) {
> send_to_desc ("Wrong password.\n\r", d);
> close_socket (d);
> return;
> }
>
> Can you please explain why it is compareing what crypt returned to what
> your password was?
>
> ----- Original Message -----
> From: "Tom Whiting" <[EMAIL PROTECTED]>
> To: "Dale Kingston" <[EMAIL PROTECTED]>; "ROM" <[email protected]>
> Sent: Sunday, September 22, 2002 6:58 PM
> Subject: Re: Odd crypt question
>
>
> Actually, it's not quite that simple.
> You CAN take what they said is their password, but it's not going to get
> you anywhere.. Believe me, I've tried.
> the logical way to do this would be
> create a function called decrypt_pass(CHAR_DATA *ch, char *argument)
> somewhere in the code
> when they enter the correct password into the game:
> decrypt pass(ch, argument);
> case CON_GET_OLD_PASSWORD:
> #if defined(unix)
> write_to_buffer( d, "\n\r", 2 );
> #endif
> decrypt_pass (ch, argument);
> BUT, this doesn't work. It simply throws the last command the character
> typed
> into the field that this is saved as (I tried it and checked)
>
> So, it's not as simple as grabbing what they 'say' is their password. This
> is
> actually a good thing, otherwise it'd be too easy for someone to grab
> player passwords.
>
> Unfortunately, my php experience is highly limited (I'm getting there, but
> it
> isn't exactly easy), and my encryption experience actually is less.. It's
> not exactly something I'm looking forward to tackling, but it's something
> that needs to be done.
>
> I'm not sure what Jason was referring to, I'm kind of lost there to be
> honest.
> The portal uses md5 encryption, but to get that going I'd assume would be
> too
> hard to deal with.
>
> On Sunday 22 September 2002 09:50 pm, Dale Kingston wrote:
> > you don't decrypt the password. what you do is you crypt the password and
> > then when they log in you take what they said was their password and
> > crypt that and then you see if their the exact same. you don't have to
> > decrypt
>
> it
>
> > just compare the two results.
> >
> > ----- Original Message -----
> > From: "Tom Whiting" <[EMAIL PROTECTED]>
> > To: <[email protected]>
> > Sent: Sunday, September 22, 2002 6:07 PM
> > Subject: Odd crypt question
> >
> >
> > Greetings,
> >
> > Over the past few months, I've been in the process of dealing with sql
> > files,
> > playing with web users and the like, in the ultimate effort to create a
> > user database that is intertwined with web and telnet users (eventually).
> >
> > In doing so, however, I've run across a few problems with crypt(), or
>
> maybe
>
> > it's just that I don't understand crypt all that well (either way it's a
> > problem).
> >
> > The file gets written to the database (sql), rather well, but i can't
> > figure out which version of encryption is used to figure rom passwords
>
> out.
>
> > Is this system crypt? md5? custom?
> >
> > If it's custom, is there a way to take this password, decrypt it (without
> > having to use plain passwords), in order for it to be encrypted, or
> > thrown into the database so that php/sql can recognize it somehow, or is
> > this pretty
> > much out of the question?
