• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

[PHP5/MySQLi] Plain to Hash

Mark

Mark

Administrator
Staff member
Administrator
Joined
May 27, 2007
Messages
6,390
Solutions
21
Reaction score
1,471
This PHP application will convert passwords in your database from plain-text to hashed, it supports both MD5 (untested) and SHA1.

PHP: 
<?php
	$databaseUsername = '';
	$databasePassword = '';
	$databaseName = '';
	$databaseHost = 'localhost';
	$newHashType = "SHA1";

	$handle = @fopen("converted", "r");
	if($handle)
	{
		$content = stream_get_contents($handle);
		fclose($handle);
		if($content == "1")
			die("You have already converted the passwords to {$newHashType}.");
	}

	$mysqli = new mysqli($databaseHost, $databaseUsername, $databasePassword, $databaseName);
	if(mysqli_connect_errno())
		exit();

	$result = $mysqli->query("SELECT `id`, `password` FROM `accounts`;");
	if($result->num_rows > 0)
	{
		if(strcasecmp($newHashType, 'sha1') == 0)
		{
			for($i = 0; $i < $result->num_rows; $i++)
			{
				$row = $result->fetch_row();
				$mysqli->next_result();
				$mysqli->query("UPDATE `accounts` SET `password` = '" . $mysqli->real_escape_string(sha1($row[1])) . "' WHERE `id` = {$row[0]};");
			}
		}
		else if(strcasecmp($newHashType, 'md5') == 0)
		{
			for($i = 0; $i < $result->num_rows; $i++)
			{
				$row = $result->fetch_row();
				$mysqli->next_result();
				$mysqli->query("UPDATE `accounts` SET `password` = '" . $mysqli->real_escape_string(md5($row[1])) . "' WHERE `id` = {$row[0]};");
			}
		}
		else
		{
			$mysqli->close();
			die("Unsupported $newHashType.");
		}

		echo "Successfully hashed {$result->num_rows} passwords.";
		$handle = fopen("converted", "w");
		fwrite($handle, "1");
		fclose($handle);
	}
	$mysqli->close();
?>
 
@ ragal - md5 and sha1 help protect passwords by encrypting them basically, this script will convert all passwords in your database to either md5 or sha1

Your AAC also has to support these features though, and if your still using AF-AAC then it doesn't yet.
 
but after conventering passwords to MD5 or other, how I can check player password ?
 
You can't, that's the point of it, to not have plaintext passwords.
 
Heh, this code is don't need. U can do that with only one sql query.
 
No work :S i tried use this script with apache.. i already active mysqli in php5 and only same accounts has been converted..
 
In mysql execute [MD5] (1 time!):
PHP: 
UPDATE `accounts` SET `password`=MD5(`password`)
or (if you want SHA1 passwords):
PHP: 
UPDATE `accounts` SET `password`=SHA1(`password`)
Much easier and you don't need any script.
 
Yeah, I already know that by now. This thread is almost 1 year old.
 
lol everywhere exist md5 cracker xD
i can make md5 in plain very fast like in 15 mins with my 9800 GTX+ GCP
 
Can any1 help me ? Im using gesior aac for tfs0.3 and when i convert password from plain to md5/sha1 i cant log into accounts ingame and in account manager :{
 
But when i create NEW account on md5/sha1 only this account works :>

Sorry for doublepost i cant edit.
 
Water Fighter said:
lol everywhere exist md5 cracker xD
i can make md5 in plain very fast like in 15 mins with my 9800 GTX+ GCP
Click to expand...

It depends on how secure the password is, what kind of characters it contains, how long it is. It could take years to crack a good password (it could also take a few seconds if you're lucky and you find a collision).
 
Water Fighter said:
lol everywhere exist md5 cracker xD
i can make md5 in plain very fast like in 15 mins with my 9800 GTX+ GCP
Click to expand...
crack this if it's so easy:
PHP: 
8c72a618e4d38a43cdbfa1c0872316e3
:)
kret said:
Can any1 help me ? Im using gesior aac for tfs0.3 and when i convert password from plain to md5/sha1 i cant log into accounts ingame and in account manager :{
Click to expand...
// polish
Jak uzywasz tfs 0.3 to nie musisz nic w bazie robic, w konfigu TFS 0.3 zmieniasz z plain na md5 lub sha1 i restartujesz server. TFS sam to zmieni (i acc. maker bedzie dzialal), wiec jesli najpierw recznie zmieniles na md5 (jak w tym poradniku), a potem tfs 0.3 restart zrobiles to masz juz po haslach. Tzn. masz je zahashowane 2 krotnie, bo tfs zamienil hasla md5 w hasla md5 tych kluczy md5. Cofka bazy danych czy cos i uzywazac nastepnym razem jak cos przy szyfrowaniu hasel robisz z md5/sha1, bo to teoretycznie nieodwracalne (pisal tu wyzej gosc, ze mozna lamac te hasla, ale cofniecie calej bazy moglo by zajac pare miesiecy na kompie z karta graficzna za 2000zl)
 
Back
Top