[Help] What to enter in the memb__pwd field?

[Pieman]

So I'm developing a custom website for the upcoming rz muserver and it's pretty much finished, except for entering a proper password in the memb__pwd field in the database upon registering.

I'm currently using this query:

mssql_query("INSERT INTO MEMB_INFO (memb___id, memb__pwd, memb_name, sno__numb, mail_addr, Gender, memb__pwd2, bloc_code, ctl1_code) VALUES ('".$_POST['user']."',CONVERT(varbinary(16),'".md5($_POST['pass'])."'), 'test', '".$_POST['id_code']."', '".$_POST['email']."', '".$_POST['gender']."', '".$_POST['pass']."', 0, 0)")

Which works fine but doesn't enter a proper password in the database, because I'm not able to login in to the game with the accounts created with this query.

So obviously this part of the query is wrong:

"CONVERT(varbinary(16),'".md5($_POST['pass'])."')"

If someone knows what's wrong with this part, could they please tell me.

Thanks.

 

[Shatter]

so does it insert the password in DB successfully but you cant login to game with it? in that case check if your DB is either md5/nonmd5 and joinserver is opposite than DB

so if DB = md5 / JS = nonmd5 or opposite it wont work as you prolly know

this is some basic code (i just copy pasted it so it wont work but you should see the point of it)

$pw = stripslashes($_POST['Password']);

$msquery = "INSERT INTO MEMB_INFO (memb__pwd) VALUES ('$pw')";
$db->query($msquery2);
$smarty->assign('password',$pw);

$pw = $pw;
$a= "exec Encrypter '".$pw."';

Stored Procedure

CREATE PROCEDURE [dbo].[Encrypter]

@btInStr VARCHAR(10),
@btInStrIndex VARCHAR(10)
AS

BEGIN
DECLARE @btOutVal BINARY(16)

EXEC master..XP_MD5_EncodeKeyVal @btInStr, @btInStrIndex, @btOutVal OUT

UPDATE MEMB_INFO SET memb__pwd = @btOutVal WHERE memb___id = @btInStrIndex
END

GO

 

[Pieman]

so does it insert the password in DB successfully but you cant login to game with it? in that case check if your DB is either md5/nonmd5 and joinserver is opposite than DB

so if DB = md5 / JS = nonmd5 or opposite it wont work as you prolly know

this is some basic code (i just copy pasted it so it wont work but you should see the point of it)

$pw = stripslashes($_POST['Password']);

$msquery = "INSERT INTO MEMB_INFO (memb__pwd) VALUES ('$pw')";
$db->query($msquery2);
$smarty->assign('password',$pw);

$pw = $pw;
$a= "exec Encrypter '".$pw."';

Stored Procedure

CREATE PROCEDURE [dbo].[Encrypter]

@btInStr VARCHAR(10),
@btInStrIndex VARCHAR(10)
AS

BEGIN
DECLARE @btOutVal BINARY(16)

EXEC master..XP_MD5_EncodeKeyVal @btInStr, @btInStrIndex, @btOutVal OUT

UPDATE MEMB_INFO SET memb__pwd = @btOutVal WHERE memb___id = @btInStrIndex
END

GO

To answer your first question, no it doesn't return any errors. And I'm pretty sure the joinserver and the db are md5, but just to be sure I tried it with no md5, which didn't work either. So I'm kind of at lost here as to what I'm doing wrong.

I don't really get the purpose of the code you posted btw. :ehh:

Sorry for replying so late, I was away.

 

[Pieman]

Sorry for bumping, but I found something which I found kind of peculiar.

When I get a password from the database which has been entered in it through muweb (which I am able to login in to the game with) it looks something like this: R^

 

[Shatter]

its cause of MD5 encryption but i guess you are missing some MD5 things since normally MD encrypted password in DB dont show up like that

 

[Pieman]

So do you have any suggestions on what to do?

 

[Pieman]

Ok, sorry for bumping again. But, I almost found the solution but still not quite.

I currently have this query:

mssql_query("INSERT INTO MEMB_INFO (memb__pwd) VALUES (dbo].[fn_md5]('".$_POST['pass']."', ''))");

Which outputs a similar string to the one I posted above, with the weird characters. But I still can't login with it. So obviously something needs changing. I just don't know what.

 

[Dios]

What happens when you run:

select memb___id, memb__pwd from memb_info

?

 

[Pieman]

What happens when you run:

select memb___id, memb__pwd from memb_info

?

With an account registered through my script it outputs:

Array
(
    [memb___id] => test123
    [memb__pwd] => )

 

[Daevius]

I'm not sure what it does, but perhaps try this:

mssql_query("INSERT INTO MEMB_INFO (memb__pwd) VALUES ('".md5($_POST['pass'])."', '')");

Depending on what encryption and what salt MuWeb uses of course.

 

[Pieman]

I'm not sure what it does, but perhaps try this:

mssql_query("INSERT INTO MEMB_INFO (memb__pwd) VALUES ('".md5($_POST['pass'])."', '')");

Depending on what encryption and what salt MuWeb uses of course.

Nope doesn't work. :

 

[RisingKing2010]

Try using this query for md5

INSERT INTO MEMB_INFO (memb___id,memb__pwd,memb_name,sno__numb,mail_addr,appl_days,modi_days,out__days,true_days,mail_chek,bloc_code,ctl1_code,memb__pwd2,fpas_ques,fpas_answ) VALUES ('$account',[dbo].[fn_md5]('$password','$account'),'player','$idcode','$email','$date','$date','2008-01-01','2008-01-01','1','0','0','$password','$question','$answer')

set $password as the password, $account as the username, $idcode as 11111111, $email as an email ofc, $date as something like 2008-01-01, $question as the security question and $answer as the the answer to the question... then tell me what happens

[dbo].[fn_md5]('$password','$account')

is what makes the MD5 password for mu

 

[Pieman]

Try using this query for md5

set $password as the password, $account as the username, $idcode as 11111111, $email as an email ofc, $date as something like 2008-01-01, $question as the security question and $answer as the the answer to the question... then tell me what happens

is what makes the MD5 password for mu

Oh god, I love you. It worked. :

 

[RisingKing2010]

^_^ glad your happy.