AAC Znote are account name and password stored in some variable?
- Thread starter Tubeshop
- Start date
Yes, you have access to all account table variables at any time via the user_data variable defined in engine/init.php:
github.com
ZnoteAAC/engine/init.php at master · Znote/ZnoteAAC
Developement repository for the Znote AAC project. A website portal to represent and manage your Open Tibia server. - Znote/ZnoteAAC
github.com
PHP:
$username = $user_data['name'];
$pass = $user_data['password'];thanks so much 
one question. Is it possible to have a blank string with the password as entered when logging in? variable $user_data['password']; returns an encoded string of characters. Is it possible to decode it or somehow have access to a clean password?
Post automatically merged:
one question. Is it possible to have a blank string with the password as entered when logging in? variable $user_data['password']; returns an encoded string of characters. Is it possible to decode it or somehow have access to a clean password?
Last edited:
The whole point of storing an encrypted(sha1) version of the password, is that any intrusion is rendered practically useless. Hackers would then have to turn to rainbow tables or other methods because they now have the usernames.thanks so much
Post automatically merged:
one question. Is it possible to have a blank string with the password as entered when logging in? variable $user_data['password']; returns an encoded string of characters. Is it possible to decode it or somehow have access to a clean password?
In a typical login process, the user's password input is ran through the sha1 function (usually including a salt), and the encrypted string is then compared to what is stored in the database.
Why do you need to know the plaintext password?
