0

Hello guys i have a little problem with integration..Im using flashcoms WebcamChat trying to use integration so that can ppl login in to chat if they are registred on my website...

The integration is work ok but the problem is password in mysql User_tabe passwords is not a simple they are 40 characters long ones i think md5 or sha1 i don't know...

So if im trying to login with long password 40 characters it pass.But if i type simple one it Faill...

Is there anyone can help to make it work?

Website Im using is Skadate 8

Here is the code of flashcoms integration..

<?php

//Connect to users database
$db = mysql_connect('localhost','root','123456') or die(mysql_error());
mysql_select_db('dating',$db) or die(mysql_error());

//Init request parameters
$userName = (isset($_REQUEST["user_name"])) ? urldecode($_REQUEST["user_name"]) : "";
$password = (isset($_REQUEST["password"])) ? urldecode($_REQUEST["password"]) : "";
$uid = (isset($_REQUEST["uid"])) ? urldecode($_REQUEST["uid"]) : "";

//Check if user filled login and password in the login screen (Chat authorization)
if($userName != "" && $password != "")
{
  $sql = "SELECT * FROM skadate_profile WHERE username='".$userName."' AND password='".$password."'";
}
//session/cookie base authorization (Auto login)
else if ($_SESSION['user_id']!="")
{
  $sql = "SELECT * FROM users_table WHERE id='".$_SESSION["user_id"]."'";
}
// Non session/cookie based autologin authorization
else if ($uid!="")
{
  $sql = "SELECT * FROM users_table WHERE id='".$_GET['uid']."'";
}
else
{
  echo '<auth error="AUTH_ERROR" />';
  exit;
}

//Select user data
$result = mysql_query($sql,$db);

if(mysql_num_rows($result)==1)
{
  //User found. get user info
  $usersInfo = mysql_fetch_array($result);

  $photo = 'http://www.yourdomain.com/images/photos/'.$usersInfo['id'].'.png';
  $photoModeImage = 'http://www.yourdomain.com/images/photos_small/'.$usersInfo['id'].'.png';

  $answer = '<auth>';
  $answer .= '<userName><![CDATA['.$userName.']]></userName>';
  $answer .= '<gender>'.$usersInfo['gender'].'</gender>'; //male, female or couple
  $answer .= '<level>'.$usersInfo['level'].'</level>';
  $answer .= '<photo><![CDATA['.$photo.']]></photo>';
  $answer .= '<photoModeImage><![CDATA['.$photoModeImage.']]></photoModeImage>';
  $answer .= '</auth>';
  echo $answer;
  exit;
}
else
{
  //User not found OR authorization failed
  echo '<auth error="AUTH_ERROR" />';
  exit;
}

?>
2
Contributors
2
Replies
3
Views
5 Years
Discussion Span
Last Post by Giedrius
0

If password which is stored in the password database field is hashed (using md5 or sha1 function) then you have to also hash the password provide by the user (typed into a login form) and compare the hashes.

$hashed_password = sha1($passwod);
// ...
$sql = "SELECT * FROM skadate_profile WHERE username='".$userName."' AND password='".$hashed_password."'";

If all stored passwords are 40 chars long and have no reasonable meaning then they have probably been hashed with sha1 which by default produces 40 chars hash.

0

it doesn't work dunno whats wrong same only with 40 chars i can connect simple password doesn't work

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.