Jump to content

SALT - im confused

a1amattyj

By a1amattyj
in PHP Coding Help

 Share

Recommended Posts

a1amattyj Regular Member

a1amattyj

Posted
Posted

Hello,

 

Im trying to code something for the forum mybb. However, with the user field in mySQL, it has two types, obviously  the username, then a password and "salt". The password is md5($password) and im just lost with the $salt part of it all. If i insert this into the database, and try and login, it will give me invalid. This thread may help : http://community.mybboard.net/showthread.php?tid=27832

 

Im just confused and been at it for an hour or two.

 

Any suggestions?

 

Database structure  =  http://wiki.mybboard.net/index.php/Database_Tables/mybb_users

Link to comment
Share on other sites
php_dave Newbie

php_dave

Posted
Posted

Hey,

 

im not overly sure what it is you are asking - but a SALT is just a string that is added to a users password to improve the hash that is created from using the md5 routine - a SALT can be static or dynamic - looks like your BB uses a dynamic SALT for each user and stores it in the database in the users record...

 

here is an example

 

Normal

$password = $_GET['password'];
$hash = md5($password);

 

using salt

$password = $_GET['password'];
$salt = 'GET SALT FROM DB'
$hash = md5($password.$salt);

 

Hope this helps

 

Dave

Link to comment
Share on other sites
a1amattyj Regular Member

a1amattyj

Posted
  • Author
Posted

Hey,

 

im not overly sure what it is you are asking - but a SALT is just a string that is added to a users password to improve the hash that is created from using the md5 routine - a SALT can be static or dynamic - looks like your BB uses a dynamic SALT for each user and stores it in the database in the users record...

 

here is an example

 

Normal

$password = $_GET['password'];
$hash = md5($password);

 

 

using salt

$password = $_GET['password'];
$salt = 'GET SALT FROM DB'
$hash = md5($password.$salt);

 

Hope this helps

 

Dave

 

Okay thanks,

 

from what i can gather, the salt in the database for each user is obviously always different. It is also always 8 characters.

 

Where you say 

$salt = 'GET SALT FROM DB'

 

Where too in the database would this be coming from?

 

Thanks

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.