Ive recently get IPBoard board software for my gaming community, I converted it from SMF.
When I used smf, I used a system to authorize players to register in my game servers, this script called a php script wich made a hash (sha1) of the password the player inputted in the game and sended it back to the script running in the game. Then I checked if the player was registered or not in the forum before letting him play. Well, IPBoard uses a different hash:
$hash = md5( md5( $salt ) . md5( $password ) );
Where:
$hash is the value stored in the database column members_pass_hash.
$salt is the value stored in the database column members_pass_salt.
$password is the plaintext password.
What I am trying is to make a php script that will return to the script in the game the correct hash, and I will compare it later from the game into the database. This is my code:
<?php
include("mta_sdk.php");
$input = mta::getInput();
// Configuración de la aplicación
$DB_SERVIDOR = 'localhost:3306';
$DB_USUARIO = 'root';
$DB_CLAVE = 'xxx';
$DB_BASEDATOS = 'ipboard';
$conexion = mysql_connect($DB_SERVIDOR, $DB_USUARIO, $DB_CLAVE);
mysql_select_db($DB_BASEDATOS, $conexion);
mysql_query("SET NAMES 'utf8'");
$sql = "SELECT members_pass_salt FROM ipb_members WHERE name = '".$input[2]."'";
$Res = mysql_query($sql, $conexion);
$rowRes = mysql_fetch_assoc($Res);
$salt = $rowRes['members_pass_salt']
$hash = md5( md5( $salt ) . md5( $input[3] ) );
//$hash = $salt;
// Return encrypted string using MD5
mta::doReturn($hash,$input[1],$input[2],$input[3],$input[4]);
?>
$input variable returns information given by the user who is attemping to play in the game. It is an array like the following:
$input[2] - the username;
$input[3] - the password (plain text)
the other values are stuff that the game is using, not needed for this.
I succesfully call the php script from the game, and php is sending the information back, but the hash it returns is: "ERROR"
I tried many different ways of doing it but always get the same ERROR message instead the hash.
Some extra information that may be interesting to know:
The game i am talking about is Multi Theft Auto, a multiplayer modification for GTA:SA (maybe someone knows it) and it uses LUA for scripts.
The mta_sdk.php file is the sdk for php developed for this game (to be able to send and recieve information from the game using external php scripts.
Maybe this is not a convencional question. I tried to explain this as better as I can because I know you wont be used to this game and how it works.
Thanks in advance
I'm a little confused - why are you storing passwords as plaintext, and then converting them to md5 using a salt? Forgive me if I'm wrong, but that doesn't seem like a very sensible approach.
Try echo'ing back some data to a webpage, or storing it in a debug text file; an easy way to do this is set up a text file on your server, chmod it to 777, and include this code to write out to it;
$debug_txt = fopen('debug.txt', 'w');
fwrite($debug_tx, $error_here);
fclose($debug_tx);
To grab the $error_here, the easiest way to do this would be just to throw in a few if statements. i.e:
if (mysql_select_db($DB_BASEDATOS, $conexion))
{
$sql = "SELECT members_pass_salt FROM ipb_members WHERE name = '".$input[2]."'";
$Res = mysql_query($sql, $conexion);
// Write out the results to the debugger
// Use a foreach loop with mysql_fetch_assoc if there might be more than one entry.
}
else
{
$error_here = mysql_error();
}
etc etc.
With the above, you should at least be able to see what exactly the error is, and be able to combat it.