XenForo Password Encryption

Z

ZoomZaa

Member
How does XenForo Password Encryption work?
I'm trying to code a PHP script to check whether or not the input password matches with the password stored in the database.
I've tried [' sha1(sha1($password) . salt) '] but didn't work.
What exactly the formula is?
 
Sort by date Sort by votes
Chris Deeming said:
Can you paste the code you're now using?
Click to expand...
PHP: 
<?php
 
$startTime = microtime(true);
$fileDir = dirname('../forum');
 
require($fileDir . '/library/XenForo/Autoloader.php');
XenForo_Autoloader::getInstance()->setupAutoloader($fileDir . '/library');
 
XenForo_Application::initialize($fileDir . '/library', $fileDir);
XenForo_Application::set('page_start_time', $startTime);
 
$username = 'izoomzaa';
$password = '*****';
 
$db = XenForo_Application::getDb();
 
$data = $db->fetchOne('
SELECT
auth.data
FROM xf_user_authenticate AS auth
INNER JOIN xf_user AS user ON
(user.user_id = auth.user_id)
WHERE user.username = ?
', $username);
 
$auth = XenForo_Authentication_Abstract::createDefault();
 
$auth->setData($data);
 
$check = $auth->authenticate($username, $password);
 
Zend_Debug::dump($check);
 
 
if ($check)
{
echo 'success';
}
else
{
echo 'fail';
}
 
?>
 
Upvote 0 Downvote
Everything looks ok except the $fileDir parameter.

I don't think ../forum is valid.

The dirname function needs to be an actual server path.

Maybe - just for testing - you should have the script running in the root of your XenForo installation and set the path the same as my example.

I just want to prove it works for you or maybe there's some other issue.
 
Upvote 0 Downvote
Chris Deeming said:
Everything looks ok except the $fileDir parameter.

I don't think ../forum is valid.

The dirname function needs to be an actual server path.

Maybe - just for testing - you should have the script running in the root of your XenForo installation and set the path the same as my example.

I just want to prove it works for you or maybe there's some other issue.
Click to expand...

It doesn't work too. Got the same error.
PHP: 
<?php
 
$startTime = microtime(true);
$fileDir = dirname(__FILE__);
 
 
require($filedir . '/library/XenForo/Autoloader.php');
XenForo_Autoloader::getInstance()->setupAutoloader($fileDir . '/library');
 
XenForo_Application::initialize($fileDir . '/library', $fileDir);
XenForo_Application::set('page_start_time', $startTime);
 
$username = 'izoomzaa';
$password = '*****';
 
$db = XenForo_Application::getDb();
 
$data = $db->fetchOne('
SELECT
auth.data
FROM xf_user_authenticate AS auth
INNER JOIN xf_user AS user ON
(user.user_id = auth.user_id)
WHERE user.username = ?
', $username);
 
$auth = XenForo_Authentication_Abstract::createDefault();
 
$auth->setData($data);
 
$check = $auth->authenticate($username, $password);
 
Zend_Debug::dump($check);
 
 
if ($check)
{
echo 'success';
}
else
{
echo 'fail';
}
 
?>
 
Upvote 0 Downvote
I have copied your exact code above into a file called PasswordCheck.php, set my username and password, and I have then put that in the root of my XenForo installation.

T72IG.png


It works.

I can only assume you must be doing something different.
 
Upvote 0 Downvote
Chris Deeming said:
I have copied your exact code above into a file called PasswordCheck.php, set my username and password, and I have then put that in the root of my XenForo installation.

T72IG.png


It works.

I can only assume you must be doing something different.
Click to expand...
Thanks again.
Now I can access the page, but the problems are either:
I got "Fatal error: Class 'XenForo_Application' not found in /home/myusername/domains/mydomain/public_html/forum/test.php on line 10" when the code was:
PHP: 
require($filedir . 'library/XenForo/Autoloader.php');
XenForo_Autoloader::getInstance()->setupAutoloader($fileDir . 'library');
 
XenForo_Application::initialize($fileDir . 'library', $fileDir);
I got "Warning: require(/library/XenForo/Autoloader.php) [function.require]: failed to open stream: No such file or directory in /home/mcsmilew/domains/mc-smileworld.in.th/public_html/forum/test.php on line 7"
"Fatal error: require() [function.require]: Failed opening required '/library/XenForo/Autoloader.php' (include_path='.:/usr/local/lib/php') in /home/mcsmilew/domains/mc-smileworld.in.th/public_html/forum/test.php on line 7"
when the code was:
PHP: 
require($filedir . '/library/XenForo/Autoloader.php');
XenForo_Autoloader::getInstance()->setupAutoloader($fileDir . '/library');
 
XenForo_Application::initialize($fileDir . '/library', $fileDir);

What should I do? :l
 
Upvote 0 Downvote
Ok.

This code which I used in my demonstration is the EXACT same code from the first 10 lines of your forum's index.php:

PHP: 
<?php
 
$startTime = microtime(true);
$fileDir = dirname(__FILE__);
 
require($filedir . '/library/XenForo/Autoloader.php');
XenForo_Autoloader::getInstance()->setupAutoloader($fileDir . '/library');
 
XenForo_Application::initialize($fileDir . '/library', $fileDir);
XenForo_Application::set('page_start_time', $startTime);

Your test.php first 10 lines should be identical to your index.php file.

If they are different then that is the problem.

If test.php still doesn't work, then there's no way that your forum should be functioning at all.

The first 10 lines is the code causing you the problems. This should be the same as your index.php file.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

G
  • Question Question
XF 2.2 What should I be using for Email Transport Method?
Replies
2
Views
475
GenCommunity
G
C
  • Question Question
XF 2.2 Schema Documentation?
Replies
2
Views
556
chris p
C
FoxSecrets
XF 2.2 How to call back own custom fields
Replies
2
Views
231
Robert9
R
nogridhome.com
  • Question Question
XF 2.2 Missing reset password email
Replies
6
Views
1K
Nicolas FR
N
dunowat
Private IP showing instead of Public IP.
Replies
3
Views
264
dunowat
dunowat
Top Bottom