Where is login details in MySQL database?

Started by General Xbox Gaming, August 28, 2014, 09:47:07 PM


General Xbox Gaming

I'm trying to set up a login return .php file that can get the SHA1 salted entry for a user from the MySQL database, to download as a string in my C# application and compare it to the user's entry for username and password after it has been put through SHA1 salting in my application, and log in if the two strings match.

I need either a .php script to return the SHA1 Salted information compared to username or the location in the MySQL database.

Thanks.

Ninja ZX-10RR

I had the same problem dude ;) http://www.simplemachines.org/community/index.php?topic=520741.0 this might help you. If you have a bit of knowledge in C# you will be able to call it and use it successfully.
By the way this is the wrong section ;)
Quote from: BeastMode topic=525177.msg3720020#msg3720020
It's so powerful that on this post and even in the two PMs you sent me,you still answered my question very quickly and you're apologizing for the delay. You're the #1 support I've probably ever encountered man, so much respect for that. Thank you, and get better soon.

I'll keep this in my siggy for a while just to remind me that someone appreciated what I did while others didn't.

♥ Jess ♥

STOP EDITING MY PROFILE

General Xbox Gaming

I forgot to ask: how do you see what usergroup they are in from a username?

Edit: your topic doesn't have the solution I was looking for.
How do you get the information from the MySQL database? (Where is it all located)

Ninja ZX-10RR

Dude just look at the column names :/ username is "member_name" and password is "passwd", you will have to call those 2 from the table smf_members :)

Quote from: General Xbox Gaming on August 28, 2014, 09:57:31 PM
I forgot to ask: how do you see what usergroup they are in from a username?
There is also the column "id_group" ;)

General Xbox Gaming

I found it, smf_forummembers

How do you look for a person's username and password salt? I can't search the database externally yet and have no clue how to look at it to compare credentials. I'm an absolute beginner with MySQL.

Arantor

You do *NOT* connect the forum database to the raw unfiltered internet. That's absolutely asking to be hacked.

Ninja ZX-10RR

Not if you allow an external program in C# to be the only thing that can access it. Basically that's what online games do.
As regards how to look for them, I think that you should do that in C#; as it was my colleague who did the final part I can't go into details, I just know that he made it after much swearing and days spent on tutorials and bugging me with "upload this, upload that, delete this, do that, etc." xD I'll update you later on if I can reach him, since he is offline quite a lot; I'll bug him on WhatsApp.
I'll let you know ;)

General Xbox Gaming

Quote from: ♦ Ninja ZX-10RR ♦ on August 29, 2014, 12:03:52 AM
Not if you allow an external program in C# to be the only thing that can access it. Basically that's what online games do.
As regards how to look for them, I think that you should do that in C#; as it was my colleague who did the final part I can't go into details, I just know that he made it after much swearing and days spent on tutorials and bugging me with "upload this, upload that, delete this, do that, etc." xD I'll update you later on if I can reach him, since he is offline quite a lot; I'll bug him on WhatsApp.
I'll let you know ;)
Thank you. Can you provide the function for how to SHA1 salt the password please? The examples I found on here don't work for some reason.

i.e. this...
using System;
using System.Security.Cryptography;

public static string HashCode(string str)
{
    // ASCII-encode the input, SHA-1 it and return the digest as upper-case hex
    System.Text.ASCIIEncoding encoder = new System.Text.ASCIIEncoding();
    byte[] buffer = encoder.GetBytes(str);
    SHA1CryptoServiceProvider cryptoTransformSHA1 = new SHA1CryptoServiceProvider();
    string hash = BitConverter.ToString(cryptoTransformSHA1.ComputeHash(buffer)).Replace("-", "");

    return hash;
}


This works 100%
using System;
using System.Security.Cryptography;
using System.Text;

public static string CalculateSHA1(string text, Encoding enc)
{
    // Encode the input with the caller's encoding, SHA-1 it and return upper-case hex
    byte[] buffer = enc.GetBytes(text);
    SHA1CryptoServiceProvider cryptoTransformSHA1 = new SHA1CryptoServiceProvider();
    string hash = BitConverter.ToString(cryptoTransformSHA1.ComputeHash(buffer)).Replace("-", "");

    return hash;
}

private void bSalt_Click(object sender, EventArgs e)
{
    // SMF stores sha1(strtolower(username) . password) as lower-case hex
    tBresult.Text = CalculateSHA1(tBusername.Text.ToLower() + tBpass.Text, ASCIIEncoding.ASCII).ToLower();
}

I worked it out in the end.

Ninja ZX-10RR

Awesome :D be careful though because if you don't do it well you can get hacked really easily as "♥" pointed out ;)
Anyway if you sorted it out please mark the topic as solved by pressing the button in the left bottom of the page so that the team won't spend time on it :)

Kindred

just FYI... the table is USUALLY called smf_members, not smf_forummembers
Glory to Ukraine

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Ninja ZX-10RR

Quote from: ♦ Ninja ZX-10RR ♦ on August 28, 2014, 10:21:37 PM
you will have to call those 2 ones from the table smf_members :)
Indeed I said that :) I believe that it was a typo or distraction or something like that, as if he found it, it must have been the correct table lol

General Xbox Gaming

Well I have this but it always returns: "true"

<?php

// Grab user submitted information
$user = $_POST["user"];
$pass = $_POST["pass"];

// Connect to the database
$con = mysql_connect("localhost", "db_forum", "<password>");

// Make sure we connected successfully
if (!$con)
{
    die('Connection Failed' . mysql_error());
}

// Select the database to use
mysql_select_db("db_forum", $con);

// $user is interpolated straight into the SQL, unquoted (see the replies below)
$result = mysql_query("SELECT member_name, passwd FROM smf_forummembers WHERE member_name = $user");

$row = mysql_fetch_array($result);

if ($row["member_name"] == $user && $row["passwd"] == $pass)
    echo "true";
else
    echo "false";

?>

General Xbox Gaming

Quote from: ♦ Ninja ZX-10RR ♦ on August 29, 2014, 07:35:50 PM
Quote from: ♦ Ninja ZX-10RR ♦ on August 28, 2014, 10:21:37 PM
you will have to call those 2 ones from the table smf_members :)
Indeed I said that :) I believe that his was a typo or distraction or something like that as if he found it it must have been the correct table lol
It's because the database is called db_forum that it's named smf_forummembers.

Kindred

Just out of curiosity, why are you not using the smf db function?

The function you are using does not clean the input and thus is potentially insecure.

Arantor

Sending the password in SHA1 yourself is probably a bad idea. It doesn't give you any protection whatsoever. Use SSL for that and be done with it.

Your query also has a very blatant SQL injection and may even get some usernames wrong. It's not 'potentially' insecure, it IS insecure.

I need to finish stuff first then I'll write you a proper one.

Ninja ZX-10RR

Mine is this one:

<?php

include 'conf/connection.php';

$username = $_POST['member_name'];
$password = $_POST['passwd'];
// SMF's stored form: sha1(lowercased username . password)
$sha1pass = sha1(strtolower($username) . $password);

if ($username != "" || $sha1pass != "")
{
    // username and hash are concatenated into the SQL (see the replies below)
    $sql = "SELECT member_name, passwd FROM smf_members WHERE member_name = '" . $username . "' AND passwd = '" . $sha1pass . "'";
    $query = mysql_query($sql);
    $ar = mysql_fetch_array($query);

    if ($username == $ar['member_name'] && $sha1pass == $ar['passwd'])
    {
        echo $ar['id_member'];
    }
    else
    {
        echo "error";
    }
}
else
{
    echo "errorEmpty";
}

?>

Arantor

Also insecure for the same reason. And has the same bug with respect to improper handling of usernames.

Not to mention mysql_fetch_array is the wrong thing to use on top of that too (should be mysql_fetch_assoc in that situation)

Oh and your routine won't work properly since you only select member_name and passwd from smf_members, and then expect it to have an id_member attribute that wasn't selected from the database.

Not to mention the fact that you're giving miscreants a nice cheap way to brute-force accounts since you're also not using SMF's spamProtection() routine as a flood controller.

Ninja ZX-10RR

It is used to login in a game so you can't really spam there I think.... While the id? Couldn't care less lol I need to login that's it, the id is not necessary as the game can associate the user with the username only to login.
About the security... Well it's my colleague who coded that thing but he doesn't have the same experience that you have :( if you can do it better for both of us then I think that I can talk for General Xbox Gaming as well and tell you that we would appreciate it very much. >_<

Arantor

Quote: It is used to login in a game so you can't really spam there I think....

Of course it can. It's publicly accessible on the internet.

Quote: While the id? Couldn't care less lol I need to login that's it, the id is not necessary as the game can associate the user with the username only to login.

Considering that your script outputs the id, it would kind of be useful to get that in the query in the first place.

Quote: About the security... Well it's my colleague who coded that thing but he doesn't have the same experience that you have

Preventing SQL injections is pretty much basic practice for any web development.

I will look at it once I have my other stuff done.

General Xbox Gaming

Quote from: ♥ on August 29, 2014, 09:31:29 PM
Sending the password in SHA1 yourself is probably a bad idea. It doesn't give you any protection whatsoever. Use SSL for that and be done with it.

Your query also has a very blatant SQL injection and may even get some usernames wrong. It's not 'potentially' insecure, it IS insecure.

I need to finish stuff first then I'll write you a proper one.
Thank you so much.

Ninja ZX-10RR

You have so many things to do... I wonder if you will go crazy on them :( I will wait... Any clues about when you will be able to give it a look?

General Xbox Gaming

Got something that works:
<?php

/* SMF */
require "../Settings.php";

$user = $_REQUEST['user'];
$pass = $_REQUEST['pass'];

mysql_connect($db_server, $db_user, $db_passwd);
mysql_select_db($db_name);

/* $user goes into the SQL unescaped (see the replies below) */
$result = mysql_query("SELECT * FROM `" . $db_prefix . "members` WHERE `member_name` = '$user'");

if ($result == false) {
    die("User not found!");
}

$row = mysql_fetch_row($result);

/* Username */
$username = $row[1];

/* Date Joined
$date_registered = $row[2]; */

/* Post Count */
$post = $row[3];

/* Group */
$group = $row[4];
/* if($Group_result == "1")
    $group = "Administrator";
else if ($Group_result == "2")
    $group = "GlobalModerator";
else if ($Group_result == "3")
    $group = "Moderator";
else
    $group = "Member"; */

/* Last online */
$last_login = $row[6];

/* Real Name */
$Real_name = $row[7];

/* passwd_result */
$passwd_result = $row[16];

/* Gender
$gender_result = $row[20];
if($gender_result == "1")
    $gender = "Male";
else if ($Group_result == "2")
    $gender = "Female";
else
    $gender = "N/A"; */

/* $birthdate = $row[21]; */

if ($passwd_result == $pass)
    $passw = "True";
else
    $passw = "False";

$Array = array(
    'Username' => $username,
    'RealName' => $Real_name,
    /* 'Gender' => $gender,
    'PostCount' => $post, */
    'UserGroup' => $group,
    'PassResult' => $passw,
    /* 'JoinedDate' => $date_registered,
    'LastOnline' => $last_login, */
);

$json = json_encode($Array);

echo $json;

/* SMF */
?>

But is this safe to use?

Kindred

as already stated... no... that will not be secure. The input is not cleaned...

and why would you require Settings directly?  EVER?



Arantor

Still insecure, still has every single issue I outlined.

As for requiring Settings.php, that's all index.php and SSI.php do, that's fine.

Kindred

but shouldn't he require SSI and then use the standard SMF database function?

Arantor

Well, yes, since that also makes the flood control available...
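A hardened version of the login endpoint the replies above ask for, as an added example that is not code from the thread or from SMF itself: it keeps the thread's formula sha1(strtolower(member_name) . password), but takes the plaintext password over HTTPS and hashes it server-side, uses SMF's placeholder queries instead of string concatenation, selects id_member, compares hashes in constant time and calls SMF's flood control. It assumes SMF 2.0's SSI.php and $smcFunc API, PHP 5.6 or later for hash_equals(), and that the file sits in the forum root next to SSI.php; the JSON field names are my own.

```php
<?php
// Added example, not from the thread or from SMF. Assumes SMF 2.0 (SSI.php,
// $smcFunc, spamProtection) and PHP >= 5.6 for hash_equals(). Must be served
// over HTTPS: the client sends the plaintext password and the server hashes it.
require_once(dirname(__FILE__) . '/SSI.php');
global $smcFunc;

header('Content-Type: application/json');

// POST only: with $_REQUEST the credentials could also arrive in the query
// string and end up in access logs and browser history.
if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !isset($_POST['user'], $_POST['pass']))
{
    http_response_code(400);
    die(json_encode(array('PassResult' => 'False', 'Error' => 'bad request')));
}
$user = (string) $_POST['user'];
$pass = (string) $_POST['pass'];

// Same flood control the forum's own login form uses (assumed SMF 2.0 API).
spamProtection('login');

// SMF quotes and escapes {string:...} placeholders itself, so a quote or a
// space in the username cannot change the SQL. id_member is selected because
// the response returns it.
$request = $smcFunc['db_query']('', '
    SELECT id_member, member_name, passwd, id_group
    FROM {db_prefix}members
    WHERE member_name = {string:member_name}
    LIMIT 1',
    array('member_name' => $user)
);
$row = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);

// Hash with the member_name as stored (the value the forum hashed when the
// password was set), then compare in constant time. A dummy hash is compared
// for unknown users so the timing does not reveal whether the name exists.
$name   = $row ? $row['member_name'] : $user;
$stored = $row ? $row['passwd'] : sha1('unknown-user-placeholder');
$ok     = hash_equals($stored, sha1(strtolower($name) . $pass)) && !empty($row);

if (!$ok)
{
    // One generic answer for a bad name and a bad password alike.
    echo json_encode(array('PassResult' => 'False'));
    exit;
}

// Never send passwd (or any hash) back to the client.
echo json_encode(array(
    'PassResult' => 'True',
    'MemberId'   => (int) $row['id_member'],
    'Username'   => $row['member_name'],
    'UserGroup'  => (int) $row['id_group'],
));
```

The C# side then posts the username and the plaintext password (not its own SHA1) over HTTPS; sending the hash instead would make the hash itself the credential, which is the point Arantor makes above.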

General Xbox Gaming

Quote from: Arantor on August 30, 2014, 04:25:07 PM
Well, yes, since that also makes the flood control available...
When can you help me then?

I'm going to use this for the time being as the application isn't even ready for release yet. Also, SSL certificate might be a problem, I don't have the cash to get one. I have a family to feed and this is a side project that I'm working on with a friend.

General Xbox Gaming

Arantor can you help me with this please? I don't need a solution at this point but it would be nice if you can let me know if you can help me out.

Thank you.

Ninja ZX-10RR

He is working on a very complex and huge mod (http://www.simplemachines.org/community/index.php?topic=525210.0), he has *MANY* other things to do and the last thing he would like to see is people bugging him with "please do, please do" things absolutely for FREE, and since I am experiencing the same problem as you I don't want him to get upset at you bumping the topic with anxiety and consequently ignore this. So please, he said he will do it; thank him and post maybe in a month if it isn't done yet. I know that the paid modification he is working on will be over in about a month or so, so post in a month or so, not after five days :/ we are all volunteers in here and Arantor is the one doing more than anybody else, at least don't bug him, will you? :)

As a footnote... Don't take it personally, but imagine if a guy came to you asking for a function for your forum and you have to code it, and after a few days comes again asking and asking, expecting you to do it for him and delaying everything else in its favour. That's annoying. That's annoying even for me when people continuously ask me when my game will be released and I always answer please don't ask for an ETA, I'm damn well working on it. Hope you got my point and you are not mad at me ;)

General Xbox Gaming

Quote from: ♦ Ninja ZX-10RR ♦ on September 03, 2014, 10:24:38 PM
He is working on a very complex and huge mod (http://www.simplemachines.org/community/index.php?topic=525210.0), he has *MANY* other things to do and the last thing he would like to see is people bugging him with "please do, please do" things absolutely for FREE, and since I am experiencing the same problem as you I don't want him to get upset at you bumping the topic with anxiety and consequently ignore this. So please, he said he will do it; thank him and post maybe in a month if it isn't done yet. I know that the paid modification he is working on will be over in about a month or so, so post in a month or so, not after five days :/ we are all volunteers in here and Arantor is the one doing more than anybody else, at least don't bug him, will you? :)

As a footnote... Don't take it personally, but imagine if a guy came to you asking for a function for your forum and you have to code it, and after a few days comes again asking and asking, expecting you to do it for him and delaying everything else in its favour. That's annoying. That's annoying even for me when people continuously ask me when my game will be released and I always answer please don't ask for an ETA, I'm damn well working on it. Hope you got my point and you are not mad at me ;)
I'm sorry if I came across as pushy in any way. I fully understand your points and I wasn't trying to push anything. I am sorry and I do understand that you have a lot on your plates.

General Xbox Gaming

As I'm still in need of a solution for this topic, is there anyone with some free time to look into this again for use please?

Kindred

Why are you not just using the SSI functions... Or the API?  Or even a hook?

General Xbox Gaming

Quote from: Kindred on February 19, 2015, 06:21:08 PM
Why are you not just using the SSI functions... Or the API?  Or even a hook?
Because I don't know how to call them or use them. I simply need a login for a C# program I am making and I don't know much about PHP & MySQL.
I need something like this but secure.
