PHP-Fusion 7 -> SMF 1.1.14

Started by White Boy, October 03, 2013, 10:29:18 PM

Previous topic - Next topic

White Boy

I've successfully created a converted version of PHP-Fusion.

SMF: hxxp:evogaming.org/forums [nonactive]
PHP-Fusion: hxxp:evogaming.org [nonactive]
My problem is, I cannot get the passwords to act normal again as stated with the package.
I have the package installed, and it is applied.

I am familiar with SMF and PHP-Fusion in entirety, but I cannot figure out why this is not working itself.
Verified that all the md5's are identical in the DB.. and they are.

I even tried editing Sources/LogInOut.php directly instead of relying on the php fusion login fix mod package with
$other_passwords[] = md5(md5($_REQUEST['passwrd']));
but I ended up seeing it's already there.

So what am I missing exactly.. :/

You can try logging in with an account that was ported over if you'd like.
As you can see, it works fine on the PHP-Fusion page, but the SMF page is still giving me the incorrect password callback.

Username: member
Password: password

Converter: http://www.simplemachines.org/community/index.php?topic=294705.0

I would like to get away from PHP-Fusion as fast as possible.. if someone is willing to help me directly I can offer you a managed game server or something along the lines for your time. (Have servers in Florida, Seattle (USA) and Frankfurt (Germany) both running windows.. can host mirrors or run whatever it is you might need running (primarily still game servers, heh) .Minecraft too!.).

I beg of you. :(
(To top it off, I still will be upgrading to SMF2 after all this is done...)

mentalist

1) IIRC php-fusion7 passwords do not use plain md5  anymore, that one should work:  $other_passwords[] = hash_hmac('sha256', $_POST['passwrd'], $user_settings['password_salt']);
http://www.php-fusion.co.uk/forum/viewthread.php?thread_id=31438

2) The converter would cut both columns passwd and password_salt, so you'd have to modify those and increase the size to 64 chars before converting your forum ;)

margarett



Why are you converting to 1.1.14? You should upgrade to 1.1.18 ;)
Se forem conduzir, não bebam. Se forem beber... CHAMEM-ME!!!! :D

QuoteOver 90% of all computer problems can be traced back to the interface between the keyboard and the chair

White Boy

Quote from: Dexter Morgan on October 04, 2013, 01:21:39 AM
1) IIRC php-fusion7 passwords do not use plain md5  anymore, that one should work:  $other_passwords[] = hash_hmac('sha256', $_POST['passwrd'], $user_settings['password_salt']);
hxxp:www.php-fusion.co.uk/forum/viewthread.php?thread_id=31438 [nonactive]

2) The converter would cut both columns passwd and password_salt, so you'd have to modify those and increase the size to 64 chars before converting your forum ;)

That seems to have gotten the job done 60% (which is pretty good, I suppose.)
Upon login attempt with all of your above changes, it forces user to ?action=reminder. That's not bad, at least they can login without having to continuously fail logging in.

Quote from: margarett on October 04, 2013, 04:39:30 AM


Why are you converting to 1.1.14? You should upgrade to 1.1.18 ;)

Eventually I will be upgrading to the latest version of 2.0 anyway -- which I can't do correctly with this converter. So I unfortunately have to take the longer route.

mentalist

mhh, are you sure you set  both colums (passwd and password_salt) to varchar(64) and re-converted the forum?

White Boy

Yes -- that is a definite.


  • Installed SMF
  • Uploaded Converter files (convert.php & phpfusion_login_fix.tgz)
  • Converted successfully - unable to login as admin.
  • Reset password via Forgot Password - successful. Applied login fix package.
  • Edited MySQL smf_members structure to present "passwd   varchar(64)" and "passwordSalt   varchar(64)"
  • Still a no go - users unable to login.
  • Tried a conversion after the table edits as well - still a no go.

Looks like I'm either stuck with Fusion or I will suffer a member loss with slight benefits. But maybe it will be better anyway.

margarett

Quote from: White Boy on October 04, 2013, 07:50:27 PM
Looks like I'm either stuck with Fusion or I will suffer a member loss with slight benefits. But maybe it will be better anyway.
I'm sorry, please forgive my honesty, but I really disagree about this.
I, in all honesty, don't understand how hard can it be (for users) to recover their password...
Every time a converter is discussed, if passwords can't be put through, it's hell on earth because users will be lost and yabadaba... Please understand, it's not you here, it's the general assumption (or complaint, let's put it this way)

I mean, a warning in index.template.php for... A month? Stating that a forum software change has occurred and a password reset is needed. How can that cause users to go away?
Se forem conduzir, não bebam. Se forem beber... CHAMEM-ME!!!! :D

QuoteOver 90% of all computer problems can be traced back to the interface between the keyboard and the chair

mentalist

You'd better go with the right order:
1) Install SMF
2) modify the database columns from smf_members  to varchar(64) - passwd and password_salt
3) add $other_passwords[] = hash_hmac('sha256', $_POST['passwrd'], $user_settings['password_salt']); to Sources/LogInOut.php
(find $other_passwords = array(); and add it to the next line)

4) Upload the converter files
5) convert your forum
6) try to login.

Advertisement: