Forums / Developer / Documentation not correct for md5 hashing?

Documentation not correct for md5 hashing?

« 
Previous topic
|
Developer
|
Next topic
 »
Author Message

K259

Friday 22 September 2006 4:50:36 am

According to hash_type in site.ini and documentation for md5_user, the password_hash is generated by concatenating login, password, but this can not be. I testet to make an md5 hash out of my login+pass, but they don't match my password_hash in the ezuser table.

Why? Is there anything missing in the docs here, or does md5_user contain more values to hash?

Claudia Kosny

Friday 22 September 2006 5:18:45 am

Hi K259

Google is definitely your friend. As my Perl knowledge is rudimentary at best I don't know how useful these tips are, but this is a common problem.

http://lu.php.net/manual/en/function.md5.php#31238
http://www.jaguarpc.com/forums/showthread.php?p=100421

and
There is no such thing as incompatibility between different implementation of MD5. There only one MD5 in the world. Probably, you want to $digest = $ctx->hexdigest; in perl.

(No clue what it means, I hope it helps you)

Greetings from Luxembourg

Claudia

Kristof Coomans

Friday 22 September 2006 5:21:16 am

Hi K

md5_user:
$str = md5( "$user\n$password" );

md5_site:
$str = md5( "$user\n$password\n$site" );

md5_password:
$str = md5( $password );

(taken from kernel/classes/datatypes/ezuser/ezuser.php)

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org

K259

Friday 22 September 2006 5:26:48 am

This:
md5_site:
$str = md5( "$user\n$password\n$site" );

What if I got a letter ö in the SiteName under settings/site.ini.

I have a sql-statement which don't take this variable because there's an error on the site variabel.

I tried: $str = md5( "$user\n$password\n"xxxöxxx"" ); But I can't enter this ö in the script (VI editor), it won't allow me.

Any ideas how I can get around this? When SiteName contains unsupportet letters..?

Thanks

Claudia Kosny

Friday 22 September 2006 5:38:43 am

Hello K259

This seems to depend on the database or on the character set used.
SELECT MD5( 'ö testing' ) worked fine for me on a utf8 website with utf8 database.

I think if you cannot use the md5 function of SQL with your setup you have to persevere and your perl to produce a php type md5 string. Then there should not be a problem as the md5 contains only 'legal' characters.

Claudia

K259

Friday 22 September 2006 5:59:31 am

Hi Claudia!

Does select æ work?

Claudia Kosny

Friday 22 September 2006 6:37:14 am

Yes.

Paul Borgermans

Friday 22 September 2006 8:36:46 am

Hi Claudia

Could you contact me outside these forums?
My email: paul [dot] borgermans [at] gmail [dot] com

Have a nice weekend

Paul

eZ Publish, eZ Find, Solr expert consulting and training
http://twitter.com/paulborgermans