Firstly, you said you wanted to put the ROM players passwords into an SQL database.
You never said you would be using PHP, or anything else for that matter. We can't read your mind. "because php does NOT recognize the encryption method used here" Bullshit :) http://www.php.net/manual/en/function.crypt.php > -----Original Message----- > From: Tom Whiting [mailto:[EMAIL PROTECTED] > Sent: Sunday, September 22, 2002 9:26 PM > To: Dale Kingston; ROM > Subject: Re: Odd crypt question > > > Obviously you miss the point > I can't take the password from the player file and use it > directly. I can't use the rom password directly, because php > does NOT recognize the > encryption method used here. I've tried with crypt, md5, blowfish. > > If rom uses custom passwords, then I'll just have to find > some other way to > deal with this (to grab the player password as they type it > in somehow is > probably the easiest way to do it). > > in this case, it's not as simple as comparing X to Y because > there IS no > comparison between the two as far as I've seen. The > passwords are encrypted > in some unstandard (??) way from the best that I can find. > The question was > (and still is) how is this encrypted, and if it's not > standard, how to > convert that to an md5 encryption, or system crypt(), or > blowfish, ANYTHING > that php would recognize as an encryption method. > > > On Sunday 22 September 2002 10:11 pm, Dale Kingston wrote: > > if (strcmp (crypt (argument, ch->pcdata->pwd), > > ch->pcdata->pwd)) { > > send_to_desc ("Wrong password.\n\r", d); > > close_socket (d); > > return; > > } > > > > Can you please explain why it is compareing what crypt returned to > > what your password was? > > > > ----- Original Message ----- > > From: "Tom Whiting" <[EMAIL PROTECTED]> > > To: "Dale Kingston" <[EMAIL PROTECTED]>; "ROM" <[email protected]> > > Sent: Sunday, September 22, 2002 6:58 PM > > Subject: Re: Odd crypt question > > > > > > Actually, it's not quite that simple. > > You CAN take what they said is their password, but it's not > going to > > get you anywhere.. Believe me, I've tried. the logical way > to do this > > would be create a function called decrypt_pass(CHAR_DATA *ch, char > > *argument) somewhere in the code > > when they enter the correct password into the game: > > decrypt pass(ch, argument); > > case CON_GET_OLD_PASSWORD: > > #if defined(unix) > > write_to_buffer( d, "\n\r", 2 ); > > #endif > > decrypt_pass (ch, argument); > > BUT, this doesn't work. It simply throws the last command > the character > > typed > > into the field that this is saved as (I tried it and checked) > > > > So, it's not as simple as grabbing what they 'say' is their > password. > > This is actually a good thing, otherwise it'd be too easy > for someone > > to grab player passwords. > > > > Unfortunately, my php experience is highly limited (I'm > getting there, > > but it isn't exactly easy), and my encryption experience > actually is > > less.. It's not exactly something I'm looking forward to > tackling, but > > it's something that needs to be done. > > > > I'm not sure what Jason was referring to, I'm kind of lost > there to be > > honest. The portal uses md5 encryption, but to get that going I'd > > assume would be too > > hard to deal with. > > > > On Sunday 22 September 2002 09:50 pm, Dale Kingston wrote: > > > you don't decrypt the password. what you do is you crypt the > > > password and then when they log in you take what they > said was their > > > password and crypt that and then you see if their the exact same. > > > you don't have to decrypt > > > > it > > > > > just compare the two results. > > > > > > ----- Original Message ----- > > > From: "Tom Whiting" <[EMAIL PROTECTED]> > > > To: <[email protected]> > > > Sent: Sunday, September 22, 2002 6:07 PM > > > Subject: Odd crypt question > > > > > > > > > Greetings, > > > > > > Over the past few months, I've been in the process of > dealing with > > > sql files, playing with web users and the like, in the ultimate > > > effort to create a user database that is intertwined with web and > > > telnet users (eventually). > > > > > > In doing so, however, I've run across a few problems with > crypt(), > > > or > > > > maybe > > > > > it's just that I don't understand crypt all that well (either way > > > it's a problem). > > > > > > The file gets written to the database (sql), rather well, but i > > > can't figure out which version of encryption is used to > figure rom > > > passwords > > > > out. > > > > > Is this system crypt? md5? custom? > > > > > > If it's custom, is there a way to take this password, decrypt it > > > (without having to use plain passwords), in order for it to be > > > encrypted, or thrown into the database so that php/sql > can recognize > > > it somehow, or is this pretty much out of the question? > > > -- > ROM mailing list > [email protected] > http://www.rom.org/cgi-bin/mailman/listinfo/rom >
