Advertisement:

Author Topic: Elarkte Password support for SMF 2.0  (Read 843 times)

Offline vbgamer45

  • Customizer
  • SMF Super Hero
  • *
  • Posts: 21,496
    • smfhacks on Facebook
    • VBGAMER45 on GitHub
    • @createaforum on Twitter
    • SMF For Free
Elarkte Password support for SMF 2.0
« on: April 01, 2019, 10:11:59 PM »
Here is a script to use Elkarte 1.1x passwords in SMF 2.0.x

Open Sources/LogInOut.php

Find
Code: [Select]
elseif (strlen($user_settings['passwd']) == 40)
{
// Maybe they are using a hash from before the password fix.
$other_passwords[] = sha1(strtolower($user_settings['member_name']) . un_htmlspecialchars($_POST['passwrd']));

// BurningBoard3 style of hashing.
$other_passwords[] = sha1($user_settings['password_salt'] . sha1($user_settings['password_salt'] . sha1($_POST['passwrd'])));

// Perhaps we converted to UTF-8 and have a valid password being hashed differently.
if ($context['character_set'] == 'UTF-8' && !empty($modSettings['previousCharacterSet']) && $modSettings['previousCharacterSet'] != 'utf8')
{
// Try iconv first, for no particular reason.
if (function_exists('iconv'))
$other_passwords['iconv'] = sha1(strtolower(iconv('UTF-8', $modSettings['previousCharacterSet'], $user_settings['member_name'])) . un_htmlspecialchars(iconv('UTF-8', $modSettings['previousCharacterSet'], $_POST['passwrd'])));

// Say it aint so, iconv failed!
if (empty($other_passwords['iconv']) && function_exists('mb_convert_encoding'))
$other_passwords[] = sha1(strtolower(mb_convert_encoding($user_settings['member_name'], 'UTF-8', $modSettings['previousCharacterSet'])) . un_htmlspecialchars(mb_convert_encoding($_POST['passwrd'], 'UTF-8', $modSettings['previousCharacterSet'])));
}
}
Add after
Code: [Select]
elseif (strlen($user_settings['passwd']) == 60)
{
$other_passwords[] = validateLoginPasswordElkarte($_POST['passwrd'], $user_settings['passwd'],$user_settings['member_name']);

}

Find at the end of the and add before ?>
Code: [Select]
function validateLoginPasswordElkarte(&$password, $hash, $user = '', $returnhash = false)
{
    global $smcFunc, $sourcedir;

// Our hashing controller
require_once($sourcedir . '/PasswordHash.php');

// Base-2 logarithm of the iteration count used for password stretching, the
// higher the number the more secure and CPU time consuming
$hash_cost_log2 = 10;

// Do we require the hashes to be portable to older systems (less secure)?
$hash_portable = false;

// Get an instance of the hasher
$hasher = new PasswordHash($hash_cost_log2, $hash_portable);

// If the password is not 64 characters, lets make it a (SHA-256)
if (strlen($password) !== 64)
$password = hash('sha256', $smcFunc['strtolower']($user) . un_htmlspecialchars($password));

// They need a password hash, something to save in the db?
if ($returnhash)
{
$passhash = $hasher->HashPassword($password);

// Something is not right, we can not generate a valid hash that's <20 characters
if (strlen($passhash) < 20)
$passhash = false;
}
// Or doing a password check?
else
$passhash = (bool) $hasher->CheckPassword($password, $hash);

unset($hasher);

return $passhash;
}



Then Copy attached PasswordHash.php to the Sources folder
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro