You are not logged in. Please login or register.
PunBB Forums → PunBB 1.2 troubleshooting → password encoding
Can some one help me out with this....i'm making a new profile section on my site...and this is confusing me cause i've never done anything with it before. :\
I just, would like some help with how I could get what is already there to work with my new page...
Thanks for any help I can get!
I'm not exactly sure what you want to know 
Are you asking how is the password encrypted in the database? If so, take a look at the pun_hash function
I'm asking how it's encrypted, and how to incorporate the decrypt/encrypt it into my new profiles because I can currently only acquire the encrypted password.
You can't decrypt a hash 
You have to compare two hashes to check passwords.
Okay, and i'll be able to find how it's done in pun_hash function?
Edit: Looking at the PunBB code for this has confused me. If I wrote my own encryption code, would it screw up anything on PunBB?
I have no idea what you want to do, but changing the password for a user in the database to something that pun_hash doesn't compute should break logins. What's confusing about it?
I'm not sure what's confusing me...I'm just confused haha.
I can't even find pun_hash...i've just been looking at profile.php and their change password code has all the punbb shortcuts
pun uses sha1 if available, and md5 if its not. these are hashing algorithms not encryption algorithms.
the difference being, with encryption, you pull the password from the data base, decrypt it and compare it with the user input. w/ hashing, you hash the user input and compare it with whats stored in the db. hashing produces a fixed width output, so if you hash a 2 gig file, or a 1 letter text field, you're going to get a 128 or 160 bit output (md5 = 128, sha1 = 160), where the size of your encrypted output is dependent of the size of the plain text input.
I'm asking how it's encrypted, and how to incorporate the decrypt/encrypt it into my new profiles because I can currently only acquire the encrypted password.
So, you want to add password-changing functionality to this new profile page you're creating?
teenagegluesniffer wrote:I'm asking how it's encrypted, and how to incorporate the decrypt/encrypt it into my new profiles because I can currently only acquire the encrypted password.
So, you want to add password-changing functionality to this new profile page you're creating?
Yes.
guardian34 wrote:teenagegluesniffer wrote:I'm asking how it's encrypted, and how to incorporate the decrypt/encrypt it into my new profiles because I can currently only acquire the encrypted password.
So, you want to add password-changing functionality to this new profile page you're creating?
Yes.
OK, PunBB has that functionality in profile.php already: take a look at it
As for where pun_hash is, it's where all the functions are: include/functions.php
PunBB Forums → PunBB 1.2 troubleshooting → password encoding
Powered by PunBB, supported by Informer Technologies, Inc.