[مجابة]كيف اتحقق من تطابق اسم المستخدم مع كلمة المرور

[wisammo]

??? ????? ?? ????? ??? ???????? ?? ???? ??????
??? ??? ??? ??? ????? $username ?????? $password...
???? ???? ??????:

كود: تحديد الكل

function check_validity($username,$password){
//return true or false
}

????? ???????? ?????...

[TheIlluminative]

??????? ???? ??? phpBB ?? ?? ???? PHP ???? ???? ?????? ??????.

[saanina]

???? ????? !

????? ???? ????? .. ? ????? ??? ???? ??? ???? ?? ???? ?????? ?????? ????? ???? ????? ????? ????? !

??? ??? ????????? ?? ?? ?????? ???????? ?? ???? ?

[wisammo]

??? ???... ?????? ?? ?????? ??? ??? ???? ??????...
?????? ?? ??? ???? ??? PHPBB3 ?? ?????? ???...
??? ?????? ?????? ???? ??????? ??? ???????...
??????? ?? ??????? ?????? ??? ???????? ????? ??????...
???? ?????? ??????? ?? ????? ?? ??? ???? ??????... ?? ?? ???? ?????? ??????? ?? ???? ???????? ??????...
??? ?? ??? LogIn....
??????? ???? ?? ?? ??????? ???? ?? ??? ????? ???? ??????...
????? ?? ???? ?? ????? ??????...
????? ?????...

[saanina]

????? ????? ..

?? ???? ????? ????? ..??

كود: تحديد الكل

    define('IN_PHPBB', true);
    $phpbb_root_path = './forum/';
    $phpEx = substr(strrchr(__FILE__, '.'), 1);
    include($phpbb_root_path . 'common.' . $phpEx);
    // Start session management
    $user->session_begin();
    $auth->acl($user->data);
    $user->setup();
    

??? forum ????? ??????
$phpbb_root_path = './forum/';

???? ?? ????? !

???? ??? ??????
???? ??? ???? ?????? , ????? ?????? ????? ..

كود: تحديد الكل

<form method="post" action="forum/ucp.php?mode=login">
<label for="username">Username: </label> <input type="text" name="username" id="username" size="40" /><br /><br />
<label for="password">Password: </label><input type="password" name="password" id="password" size="40" /><br /><br />
<label for="autologin">Remember Me?: </label><input type="checkbox" name="autologin" id="autologin"  /><br /><br />
<input type="submit" value="Log In" name="login" />
<input type="hidden" name="redirect" value="../index.php" />
</form>

????? ??? ???? ???? ????? ???? ????? ??????? ?? ???????

كود: تحديد الكل

    <a title="Register" href="forum/ucp.php?mode=register">Register</a>

???? ??? ???? ???? ?? ??? ?????? ?? ????

كود: تحديد الكل

if($user->data['is_registered'])
{
     echo '???? ?? ?????? ??  ' . $user->data['username'];
}
else
{
 echo '???? ??????? ?????? !';
} 

http://www.phpbb.com/community/viewtopi ... 6&t=643075

[wisammo]

?? sanina,
???? ???? ??? ????? ???? ?? ?????? ???...
?? ??????? ???? ??? ?? ?????...
??? ??? ???? ???????? ?????? ?????? ??????? ???? ????? ????? ?? ???????...
???? ?? ????? ??? ?? ???? ???? ?????? ???????? ???? phpbb_users... (??? ?? ???????)
???? ???? ????? ?????? ???????? ?????? ?? ???? ???????...
??? ??????:

كود: تحديد الكل

//??? ??????? ?????? ???????? ???? ????
if(isset($username) && isset($userpass)){
	$result = mysql_query("SELECT * FROM phpbb_users WHERE username='$username'");
	if($row=mysql_fetch_array($result)){
		if(md5($userpass)==$row['user_password']){
			echo "??? ?? ????? ??????";
		}else{
			echo "???? ???? ?????";
		}
	}else{
		echo "??? ?????? ????";
	}
}

???? ?????

كود: تحديد الكل

if(md5($userpass)==$row['user_password']){

???? ?????? ?? ??????? ??????? ?? ??????? ?? md5()
???? ??????? ?? md5 ???? ?? ??????? ???????...

??????? ???? ?????? ???? ????? ???? ?????? ????: "soom123" ????? ?? ??????? (????? ????? ????? ?? ????? ?????? ???????).

????? ??? ????? ?? ???? ?????? ?? ?????....
????? ????? ??? ????????....

[saanina]

wisammo

?????? ????? ????? ???? ???? ?? ??? ???? ????? ???? ?????? ?????? ..

??? ?????? ??? ?????? ???? ????? .. ????? ???? ?????? ???? ??????

كود: تحديد الكل

include("forums/includes/functions.php");
$pass = phpbb_hash($pass);

??? ???? ???? ?????? ...

[wisammo]

???? ?? sanina,
?? ??? ??? ??? ?? ???? ??????? ???...
??? ???

كود: تحديد الكل

include("forums/includes/functions.php");
$pass = phpbb_hash($pass);

???? ????? ????? functions.php ?? ???????? ((??????? ?? ???????)) ???????? ?? ???? ???...
??? ??? ?? ???? ???... ??? ?????? ?????...
?? ??? ???? ???? ????? ?? ??????? ???? ???? ???? ?????? ???????...
???? ????? ???? ??? ???????? ?????? ?????? ??????? ???? ?????...
?? ???? ??? ?? ??????? ????? ??? ??????...
????? ??? ????????...

[saanina]

???? ???? ???? ?? ????
http://www.moffed.com/community/viewtop ... 812#p19812
??????? ?????? !

????? ????? .. ??? ??? ???? ????

[wisammo]

?????...
?? saanina ???? ?????... ?? ?? ???? ??????
????? ??? ???? ???? ???? ?????? ???? ?????? ?????? ???????....
??? ??????:

كود: تحديد الكل

<?php
/**
*
* @package phpBB3
* @version $Id: viewforum.php 8674 2008-06-28 15:07:37Z acydburn $
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/

/**
* @ignore
*/
define('IN_PHPBB', true);
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);

echo phpbb_hash($_GET['pass']);

?>

?? ???? ?? ???? ???????... ????? ????? (????: soom123) ???? ?? ?? ??? ????? ?????....
????? ??? ??????? ???? ???... ??? ???? ?? ???? ?? ?? ?? ????? ???? ?????? ?????? ??????? ??????? ??? ??????? ?? ????? ????????... ?? ????? ??? ???????? ????? ?????? ??????? ??????...

???? ???? ???????? ???? ????? auth_apache.php ?? ?? ???? ??.

????? ??? ????? ??...

[saanina]

?????? ??? ??? ?????? ?????? ???? phpbb .. ??? ???? ???? ?????? ..

?? ??????? ????? ????? ??? ???? ????? .. ???? ??? ????? ????? ???? ??? ?????? ...

??? ???

[wisammo]

?? sanina,
???? ?? ?????? ???? ?? ??? ????... ???? ??????? ?? ??? ?????? ???? ???? ????... ???? ?????? ????? ????????...
??? ?? ????? ??????:
1. ??? ???? ??? ?????? ??? ???? ??????? ???????... ??? ??? ????? ????? ??????? ?? ???? ?????: common.php
2. ??? ?????? ???? ????: check_pass.php ?? ???? ??????? ????????...
????? ?????? check_pass.php:

كود: تحديد الكل

<?php
/**
*
* @package phpBB3
* @version $Id: faq.php,v 1.37 2007/10/05 14:30:06 acydburn Exp $
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/

/**
* @ignore
*/
define('IN_PHPBB', true);
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'usr.' . $phpEx);

$myusrcp = new usrcp();

echo $myusrcp->phpbb("master","wisam123");

/*
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();
*/

?>

???? ??? ?????? ???? ??????? ???? ?????...
??? ?? ?????????...
?????...

[saanina]

????? ???? ?????? ! ?? ???? ..

كود: تحديد الكل

<?php

/*
login before
*/

if(isset($_SESSION['login']))
{
		echo "you logon before !";
		exit;
}


//get username and passwoed ! from any resouse like _POST
$name	= "name";
$pass	=	"pass";

/*
connect to phpbb db
*/
$res_link	= mysql_connect($db_host, $db_userr, $db_pass);
mysql_select_db('phpbb3', $res_link);

						
$query2 = "SELECT * FROM  `phpbb_users`

							WHERE username_clean='" . strtolower($name) . " ";
											
$result2 =mysql_query($query2,$res_link );					
while($row=mysql_fetch_array($result2))

{
		if(phpbb_check_hash($pass, $row['user_password']))
		{
			//do session for login
			$_SESSION['login'] = $row['username_clean'];
			
			//if admin 
			$_SESSION['admin'] = ($row['user_type'] == 3) ? true : false
		}
		else
		{
			echo "wrong data";
		}
}
				

mysql_free_result($result2);   

unset($pass);





/*
functions file for you


1:
* Hash the password
*/
function phpbb_hash($password)
{
	$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';

	$random_state = unique_id();
	$random = '';
	$count = 6;

	if (($fh = @fopen('/dev/urandom', 'rb')))
	{
		$random = fread($fh, $count);
		fclose($fh);
	}

	if (strlen($random) < $count)
	{
		$random = '';

		for ($i = 0; $i < $count; $i += 16)
		{
			$random_state = md5(unique_id() . $random_state);
			$random .= pack('H*', md5($random_state));
		}
		$random = substr($random, 0, $count);
	}

	$hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64);

	if (strlen($hash) == 34)
	{
		return $hash;
	}

	return md5($password);
}

/**
* Check for correct password
*/
function phpbb_check_hash($password, $hash)
{
	$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
	if (strlen($hash) == 34)
	{
		return (_hash_crypt_private($password, $hash, $itoa64) === $hash) ? true : false;
	}

	return (md5($password) === $hash) ? true : false;
}

/**
* Generate salt for hash generation
*/
function _hash_gensalt_private($input, &$itoa64, $iteration_count_log2 = 6)
{
	if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
	{
		$iteration_count_log2 = 8;
	}

	$output = '$H$';
	$output .= $itoa64[min($iteration_count_log2 + ((PHP_VERSION >= 5) ? 5 : 3), 30)];
	$output .= _hash_encode64($input, 6, $itoa64);

	return $output;
}

/**
* Encode hash
*/
function _hash_encode64($input, $count, &$itoa64)
{
	$output = '';
	$i = 0;

	do
	{
		$value = ord($input[$i++]);
		$output .= $itoa64[$value & 0x3f];

		if ($i < $count)
		{
			$value |= ord($input[$i]) << 8;
		}

		$output .= $itoa64[($value >> 6) & 0x3f];

		if ($i++ >= $count)
		{
			break;
		}

		if ($i < $count)
		{
			$value |= ord($input[$i]) << 16;
		}

		$output .= $itoa64[($value >> 12) & 0x3f];

		if ($i++ >= $count)
		{
			break;
		}

		$output .= $itoa64[($value >> 18) & 0x3f];
	}
	while ($i < $count);

	return $output;
}

/**
* The crypt function/replacement
*/
function _hash_crypt_private($password, $setting, &$itoa64)
{
	$output = '*';

	// Check for correct hash
	if (substr($setting, 0, 3) != '$H$')
	{
		return $output;
	}

	$count_log2 = strpos($itoa64, $setting[3]);

	if ($count_log2 < 7 || $count_log2 > 30)
	{
		return $output;
	}

	$count = 1 << $count_log2;
	$salt = substr($setting, 4, 8);

	if (strlen($salt) != 8)
	{
		return $output;
	}

	/**
	* We're kind of forced to use MD5 here since it's the only
	* cryptographic primitive available in all versions of PHP
	* currently in use.  To implement our own low-level crypto
	* in PHP would result in much worse performance and
	* consequently in lower iteration counts and hashes that are
	* quicker to crack (by non-PHP code).
	*/
	if (PHP_VERSION >= 5)
	{
		$hash = md5($salt . $password, true);
		do
		{
			$hash = md5($hash . $password, true);
		}
		while (--$count);
	}
	else
	{
		$hash = pack('H*', md5($salt . $password));
		do
		{
			$hash = pack('H*', md5($hash . $password));
		}
		while (--$count);
	}

	$output = substr($setting, 0, 12);
	$output .= _hash_encode64($hash, 16, $itoa64);

	return $output;
}

/**
* Return unique id
* @param string $extra additional entropy
*/
function unique_id($extra = 'c')
{
	global $res_link;


	unset($forum_pass); // We do not need this any longe
	$query = 'SELECT config_value FROM `phpbb_config`

							WHERE config_name="rand_seed"';	

				

	$result	= mysql_query($query, $res_link);
	$config	=	mysql_fetch_assoc($result);
	
	$val = $config['config_value'] . microtime();
	$val = md5($val);

	unset($config);

	return substr($val, 4, 16);
}


///
mysql_close($res_link);

???? ????? ! ???? ???? ??????? ??? ?????? ..

كود: تحديد الكل

session_start();

????? ?????? ??? 10 ???? ?? ???? ??? ??? ????? ??????? ???? ???? phpbb ..

???? ??? ????? ??? ???? ..????? ?????? ????? ????? ??? ?????? ..

[wisammo]

???? ????? ?? saanina,
?? ?? ??????? ?????....
???? ???? ??? ??? ???? ?????? ????? ???? ??? ?????? phpbb3...
??????: www.hmk-soft.com