[ EDIT : SOLVED ]Trouble with sha1 passwords

[ahg7]

I just made my first OTserver using mySQL database (xampp), and modern AAC, and a VPS server ( the works haha ). I can make accounts and characters on my webpage, however the passwords do not work when I try to login to tibia (I use sha1 encryption) the passwords do not work, and I have to add them manually in the database. I already have sha1 in config.lua so that Isn't the problem (I've triple checked it) . Someone pleeaseee help me I've looked all over for a solution. Thanks in advanced .

P.S. If you're interested in playing the server feel free to join, our map is custom, although it uses yalahar as a main city ( Yes, I do not like to play the Tibia RL Map )

EDIT : Solved (read page 3 to see how )

 

[Siramix]

Fourple check the config!
As well, check your database information in config.lua.

 

[Bogart]

use plain encryption

xD

 

[RaikND]

use plain encryption

xD

TFS 0.4 only working with sha1, only mystic and 0.3.6pl1, working with plain text

 

[RobsonDias]

ye use plain or md5

 

[Cykotitan]

In your database, are the passwords hashed already?

 

[ahg7]

The passwords are already hashed in my database, the config.lua settings are right, and modernAAC only uses sha1 so I can't use plain or md5, I've been doing a little bit of research and I think what I need is a sql query but I'm not sure, im pretty new at this.

 

[Cykotitan]

If they are already hashed, I don't think you need to execute any query.

 

[ahg7]

Then what's the problem ? I get the hashed passwords in the database, not the actual password and to make the account work in-game I have to manually change the hashed password to the actual password.

 

[Cykotitan]

It's not a bug - as I can't reproduce the issue. This one of the cases where the user is doing something[?] wrong and we, of course, are unable to guess what is it.

 

[ahg7]

I know but I dont want to upload it to otservlist yet because that looks very unprofessional at the moment only my rls are playing, is there anything I could try ? BTW I'd be great if I could talk to you through MSN or some other IM program

 

[Paxton]

You hashed it twice? Are u able to login on modern aac?

 

[Rexxar]

Then what's the problem ? I get the hashed passwords in the database, not the actual password and to make the account work in-game I have to manually change the hashed password to the actual password.

So basically, when you use ModernAAC to insert a password, it becomes

"41178469e82814153f7fb6b79b36868b57927b71"

in the database.
But if you wish to login using the tibia client, you have to manually change the password to

"tibiapassword"


If this is the case then you have a problem with either your config.lua or the source itself, because this means the server does not hash the password submitted by the client before comparing it to the one stored in the database.

 

[ahg7]

Yes, that is exactly what happens, and the problem isn't the config.lua, so how do I fix the source then ?

 

[Rexxar]

Yes, that is exactly what happens, and the problem isn't the config.lua, so how do I fix the source then ?

Could you post the part of the config.lua that involves password encryption, so we can make sure you've written the correct thing?

 

[ahg7]

sure, here it is
-- Database
-- NOTE: sqlFile is used only by sqlite database, and sqlKeepAlive by mysql database.
-- To disable sqlKeepAlive such as mysqlReadTimeout use 0 value.
sqlType = "mysql"
sqlHost = "localhost"
sqlPort = 3306
sqlUser = "*******"
sqlPass = "*******"
sqlDatabase = "server"
sqlFile = "forgottenserver.s3db"
sqlKeepAlive = 0
mysqlReadTimeout = 10
mysqlWriteTImeout = 10
passwordType = "sha1"

 

[Rexxar]

Odd... What TFS are you using? 0.4 or 0.3.6?

 

[Paxton]

Again, are u able to login on Modern AAC? If not, it means u hashed it twice! Modern & TFS

 

[ahg7]

I'm using tfs 0.4. By logging in to modern aac, you mean to localhost/phpmyadmin ?

 

[Rexxar]

I'm using tfs 0.4. By logging in to modern aac, you mean to localhost/phpmyadmin ?

Well sadly I can't help with 0.4 since I don't have access to it.

But I think he means log into Modern ACC. As in the account manager, not the PHPmyadmin.