News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

Converting to UTF8 locks out people with non-English passwords

Started by Forumtastic, February 14, 2012, 11:19:41 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Forumtastic

February 14, 2012, 11:19:41 AM
When I convert my forum to use UTF8 and then change the language appropriately, users who have non-English characters in their password can no longer log in.

Upon further investigation, I noticed it is because the SHA checksum in the database was created using a different character set.

Can anyone help me with this? I'd rather not use an ASCII character set for the very large and active forum I maintain. I was not the person who originally set it up using the current encoding.

Thank you so much in advance.

Oldiesmann

#1
February 14, 2012, 11:37:24 AM
What character set were you originally using? It should be fairly easy to hack the code slightly to convert whatever they entered to the old character set if the initial password check fails.
Michael Eshom
Christian Metal Fans

Forumtastic

#2
February 14, 2012, 12:11:17 PM
The original character set was Windows-1255.

I did think about this. I haven't had much luck finding Javascript code that could convert a string from UTF-8 to Windows-1255.

Forumtastic

#3
February 14, 2012, 12:20:24 PM
And thank you for the quick response!

In the file script.js, I found this line:

doForm.hash_passwrd.value = hex_sha1(hex_sha1(doForm.user.value.php_to8bit().php_strtolower() + doForm.passwrd.value.php_to8bit()) + cur_session_id);

I originally thought if I could just convert to the old character set before the php_to8bit(), then it might work. Do you have an idea how I could do this?

Oldiesmann

#4
February 14, 2012, 12:51:44 PM
Looking at script.js, it looks like we may be able to fool that function into thinking you're still using Windows-1255.

Try this and see what happens...

Find
Code Select
if (smf_charset == 'UTF-8')

Add before that
Code Select
smf_charset = 'Windows-1255';

That should fool it for now, but again, I can't guarantee this will work, so let me know if it doesn't and we'll figure something else out.
Michael Eshom
Christian Metal Fans

Forumtastic

#5
February 14, 2012, 01:35:44 PM
That was a very good idea. I put that line in the Themes/core/script.js file on line 143 right before that line inside the php_to8bit function just as you had specified and, unfortunately, it did not appear to work. Perhaps it didn't work because the password page itself is in UTF8?

Aleksi "Lex" Kilpinen

#6
March 10, 2012, 04:42:28 AM
Any updates on this? When I converted my forum to UTF-8, I never really heard of any problems like this to be honest.
Slava
Ukraini!
"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF
Print
Go Up Pages1
User actions
Advertisement: