From efb9688288ef4277be4293afaa8609e1fdbd9d0b Mon Sep 17 00:00:00 2001 From: Kazuki Przyborowski Date: Sat, 15 Jan 2011 09:11:23 +0000 Subject: [PATCH] Small update to iHash(iDB Hash System). >_> :P <_< git-svn-id: svn://svn.code.sf.net/p/intdb/svn/trunk@613 2b68903e-0b30-0410-9a39-a2e4f3c5be39 --- inc/members.php | 18 +++++++++++++++++- inc/misc/functions.php | 10 ++++++++-- inc/profilemain.php | 16 +++++++++++++++- inc/versioninfo.php | 6 +++--- setup/mkconfig.php | 10 ++++++++-- setup/setup.php | 6 +++++- sql.php | 7 +++++-- 7 files changed, 61 insertions(+), 12 deletions(-) diff --git a/inc/members.php b/inc/members.php index ace6986..4720ad2 100644 --- a/inc/members.php +++ b/inc/members.php @@ -11,7 +11,7 @@ Copyright 2004-2011 iDB Support - http://idb.berlios.de/ Copyright 2004-2011 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: members.php - Last Update: 12/28/2010 SVN 607 - Author: cooldude2k $ + $FileInfo: members.php - Last Update: 01/15/2011 SVN 612 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="members.php"||$File3Name=="/members.php") { @@ -903,6 +903,7 @@ if($HashType=="iDBH2") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPas if($HashType=="iDBH4") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"md4"); } if($HashType=="iDBH5") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"md5"); } if($HashType=="iDBH") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha1"); } +if($HashType=="iDBH1") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha1"); } if($HashType=="iDBH224") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha224"); } if($HashType=="iDBH256") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha256"); } if($HashType=="iDBH384") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"sha384"); } @@ -913,6 +914,9 @@ if($HashType=="iDBHRMD256") { $YourPassword = b64e_hmac($_POST['userpass'],$Join if($HashType=="iDBHRMD320") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"ripemd320"); } if($HashType=="iDBHSALSA10") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"salsa10"); } if($HashType=="iDBHSALSA20") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"salsa20"); } +if($HashType=="iDBHSFRU") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"snefru"); } +if($HashType=="iDBHSFRU256") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"snefru256"); } +if($HashType=="iDBHGOST") { $YourPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$HashSalt,"gost"); } if($YourPassword!=$YourPassTry) { $passright = false; } if($YourPassword==$YourPassTry) { $passright = true; $YourIDM=sql_result($resultlog,$i,"id"); @@ -964,6 +968,12 @@ if($Settings['use_hashtype']=="salsa10") { $iDBHash = "iDBHRMD320"; $NewPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$NewHashSalt,"salsa10"); } if($Settings['use_hashtype']=="salsa20") { $iDBHash = "iDBHRMD320"; $NewPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$NewHashSalt,"salsa20"); } +if($Settings['use_hashtype']=="snefru") { $iDBHash = "iDBHSFRU"; +$NewPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$NewHashSalt,"snefru"); } +if($Settings['use_hashtype']=="snefru256") { $iDBHash = "iDBHSFRU256"; +$NewPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$NewHashSalt,"snefru256"); } +if($Settings['use_hashtype']=="gost") { $iDBHash = "iDBHGOST"; +$NewPassword = b64e_hmac($_POST['userpass'],$JoinedPass,$NewHashSalt,"gost"); } $NewDay=GMTimeStamp(); $NewIP=$_SERVER['REMOTE_ADDR']; if($BanError!="yes") { @@ -1386,6 +1396,12 @@ if($Settings['use_hashtype']=="salsa10") { $iDBHash = "iDBHRMD320"; $NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$HashSalt,"salsa10"); } if($Settings['use_hashtype']=="salsa20") { $iDBHash = "iDBHRMD320"; $NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$HashSalt,"salsa20"); } +if($Settings['use_hashtype']=="snefru") { $iDBHash = "iDBHSFRU"; +$NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$HashSalt,"snefru"); } +if($Settings['use_hashtype']=="snefru256") { $iDBHash = "iDBHSFRU256"; +$NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$HashSalt,"snefru256"); } +if($Settings['use_hashtype']=="gost") { $iDBHash = "iDBHGOST"; +$NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$HashSalt,"gost"); } $_GET['YourPost'] = $_POST['Signature']; //require( './'.$SettDir['misc'].'HTMLTags.php'); $_GET['YourPost'] = htmlspecialchars($_GET['YourPost'], ENT_QUOTES, $Settings['charset']); diff --git a/inc/misc/functions.php b/inc/misc/functions.php index 947be85..bb71b70 100644 --- a/inc/misc/functions.php +++ b/inc/misc/functions.php @@ -11,7 +11,7 @@ Copyright 2004-2011 iDB Support - http://idb.berlios.de/ Copyright 2004-2011 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: functions.php - Last Update: 01/01/2010 SVN 608- Author: cooldude2k $ + $FileInfo: functions.php - Last Update: 01/15/2011 SVN 612 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="functions.php"||$File3Name=="/functions.php") { @@ -399,7 +399,13 @@ function ripemd320($data) { return hash("ripemd320",$data); } } if(in_array("salsa10",hash_algos())) { function salsa10($data) { return hash("salsa10",$data); } } if(in_array("salsa20",hash_algos())) { -function salsa20($data) { return hash("salsa20",$data); } } } +function salsa20($data) { return hash("salsa20",$data); } } +if(in_array("snefru",hash_algos())) { +function snefru($data) { return hash("snefru",$data); } } +if(in_array("snefru256",hash_algos())) { +function snefru256($data) { return hash("snefru256",$data); } } +if(in_array("gost",hash_algos())) { +function gost($data) { return hash("gost",$data); } } } // Try and convert IPB 2.0.0 style passwords to iDB style passwords function hash2xkey($data,$key,$hash1='md5',$hash2='md5') { return $hash1($hash2($key).$hash2($data)); } diff --git a/inc/profilemain.php b/inc/profilemain.php index ae517fc..353b502 100644 --- a/inc/profilemain.php +++ b/inc/profilemain.php @@ -11,7 +11,7 @@ Copyright 2004-2011 iDB Support - http://idb.berlios.de/ Copyright 2004-2011 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: profilemain.php - Last Update: 12/07/2010 SVN 600 - Author: cooldude2k $ + $FileInfo: profilemain.php - Last Update: 01/15/2011 SVN 612 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="profilemain.php"||$File3Name=="/profilemain.php") { @@ -884,6 +884,8 @@ if($OldHashType=="iDBH5") { $YourPassword = b64e_hmac($_POST['OldPass'],$OldJoined,$OldSalt,"md5"); } if($OldHashType=="iDBH") { $YourPassword = b64e_hmac($_POST['OldPass'],$OldJoined,$OldSalt,"sha1"); } +if($OldHashType=="iDBH1") { + $YourPassword = b64e_hmac($_POST['OldPass'],$OldJoined,$OldSalt,"sha1"); } if($OldHashType=="iDBH224") { $YourPassword = b64e_hmac($_POST['OldPass'],$OldJoined,$OldSalt,"sha224"); } if($OldHashType=="iDBH256") { @@ -904,6 +906,12 @@ if($OldHashType=="iDBHSALSA10") { $YourPassword = b64e_hmac($_POST['OldPass'],$OldJoined,$OldSalt,"salsa10"); } if($OldHashType=="iDBHSALSA20") { $YourPassword = b64e_hmac($_POST['OldPass'],$OldJoined,$OldSalt,"salsa20"); } +if($OldHashType=="iDBHSFRU") { + $YourPassword = b64e_hmac($_POST['OldPass'],$OldJoined,$OldSalt,"snefru"); } +if($OldHashType=="iDBHSFRU256") { + $YourPassword = b64e_hmac($_POST['OldPass'],$OldJoined,$OldSalt,"snefru256"); } +if($OldHashType=="iDBHGOST") { + $YourPassword = b64e_hmac($_POST['OldPass'],$OldJoined,$OldSalt,"gost"); } if($YourPassword!=$OldPassword) { $Error="Yes"; ?>
Your old Password did not match.
 
"60") { $Error="Yes"; ?> @@ -945,6 +953,12 @@ if($YourPassword!=$OldPassword) { $Error="Yes"; ?> $NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$NewSalt,"salsa10"); } if($Settings['use_hashtype']=="salsa20") { $iDBHash = "iDBHSALSA20"; $NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$NewSalt,"salsa20"); } + if($Settings['use_hashtype']=="snefru") { $iDBHash = "iDBHSFRU"; + $NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$NewSalt,"snefru"); } + if($Settings['use_hashtype']=="snefru256") { $iDBHash = "iDBHSFRU256"; + $NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$NewSalt,"snefru256"); } + if($Settings['use_hashtype']=="gost") { $iDBHash = "iDBHGOST"; + $NewPassword = b64e_hmac($_POST['Password'],$_POST['Joined'],$NewSalt,"gost"); } $_SESSION['UserPass']=$NewPassword; if($cookieDomain==null) { setcookie("SessPass", $NewPassword, time() + (7 * 86400), $cbasedir); } diff --git a/inc/versioninfo.php b/inc/versioninfo.php index 04d21c5..c9fbee0 100644 --- a/inc/versioninfo.php +++ b/inc/versioninfo.php @@ -11,7 +11,7 @@ Copyright 2004-2011 iDB Support - http://idb.berlios.de/ Copyright 2004-2011 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: versioninfo.php - Last Update: 01/09/2011 SVN 611 - Author: cooldude2k $ + $FileInfo: versioninfo.php - Last Update: 01/15/2011 SVN 612 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="versioninfo.php"||$File3Name=="/versioninfo.php") { @@ -27,8 +27,8 @@ function version_info($proname,$subver,$ver,$supver,$reltype,$svnver,$showsvn) { return $return_var; } // Version number and date stuff. :P $VER1[0] = 0; $VER1[1] = 4; $VER1[2] = 2; $VERFull[1] = $VER1[0].".".$VER1[1].".".$VER1[2]; -$VER2[0] = "Alpha"; $VER2[1] = "Al"; $VER2[2] = "SVN"; $SubVerN = 611; $RName = "iDB"; $SFName = "IntDB"; -$SVNDay[0] = 01; $SVNDay[1] = 09; $SVNDay[2] = 2011; $SVNDay[3] = $SVNDay[0]."/".$SVNDay[1]."/".$SVNDay[2]; +$VER2[0] = "Alpha"; $VER2[1] = "Al"; $VER2[2] = "SVN"; $SubVerN = 612; $RName = "iDB"; $SFName = "IntDB"; +$SVNDay[0] = 01; $SVNDay[1] = 15; $SVNDay[2] = 2011; $SVNDay[3] = $SVNDay[0]."/".$SVNDay[1]."/".$SVNDay[2]; $VerInfo['iDB_Ver'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[1],$SubVerN,false); $VerInfo['iDB_Ver_SVN'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[1],$SubVerN,true); $VerInfo['iDB_Full_Ver'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[0],$SubVerN,false); diff --git a/setup/mkconfig.php b/setup/mkconfig.php index 4d1961b..62dab2b 100644 --- a/setup/mkconfig.php +++ b/setup/mkconfig.php @@ -12,7 +12,7 @@ Copyright 2004-2011 Game Maker 2k - http://gamemaker2k.org/ iDB Installer made by Game Maker 2k - http://idb.berlios.net/ - $FileInfo: mkconfig.php - Last Update: 12/07/2010 SVN 600 - Author: cooldude2k $ + $FileInfo: mkconfig.php - Last Update: 01/15/2011 SVN 612 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="mkconfig.php"||$File3Name=="/mkconfig.php") { @@ -122,7 +122,10 @@ if($_POST['usehashtype']!="md2"&& $_POST['usehashtype']!="ripemd256"&& $_POST['usehashtype']!="ripemd320"&& $_POST['usehashtype']!="salsa10"&& - $_POST['usehashtype']!="salsa20") { + $_POST['usehashtype']!="salsa20"&& + $_POST['usehashtype']!="snefru"&& + $_POST['usehashtype']!="snefru256"&& + $_POST['usehashtype']!="gost") { $_POST['usehashtype'] = "sha1"; } } if($_POST['usehashtype']=="md2") { $iDBHashType = "iDBH2"; } if($_POST['usehashtype']=="md4") { $iDBHashType = "iDBH4"; } @@ -138,6 +141,9 @@ if($_POST['usehashtype']=="ripemd256") { $iDBHashType = "iDBHRMD256"; } if($_POST['usehashtype']=="ripemd320") { $iDBHashType = "iDBHRMD320"; } if($_POST['usehashtype']=="salsa10") { $iDBHashType = "iDBHSALSA10"; } if($_POST['usehashtype']=="salsa20") { $iDBHashType = "iDBHSALSA20"; } +if($_POST['usehashtype']=="snefru") { $iDBHashType = "iDBHSFRU"; } +if($_POST['usehashtype']=="snefru256") { $iDBHashType = "iDBHSFRU256"; } +if($_POST['usehashtype']=="gost") { $iDBHashType = "iDBHGOST"; } if ($_POST['AdminUser']=="Guest") { $Error="Yes"; echo "
You can not use Guest as your name."; } /* We are done now with fixing the info. ^_^ */ diff --git a/setup/setup.php b/setup/setup.php index 4586a6a..ef552c6 100644 --- a/setup/setup.php +++ b/setup/setup.php @@ -12,7 +12,7 @@ Copyright 2004-2011 Game Maker 2k - http://gamemaker2k.org/ iDB Installer made by Game Maker 2k - http://idb.berlios.net/ - $FileInfo: setup.php - Last Update: 12/07/2010 SVN 600 - Author: cooldude2k $ + $FileInfo: setup.php - Last Update: 01/15/2011 SVN 612 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="setup.php"||$File3Name=="/setup.php") { @@ -148,6 +148,8 @@ if(in_array("md2",hash_algos())) { ?> + + @@ -162,6 +164,8 @@ if(in_array("md2",hash_algos())) { ?> + + diff --git a/sql.php b/sql.php index 02071c8..9c0eacc 100644 --- a/sql.php +++ b/sql.php @@ -11,7 +11,7 @@ Copyright 2004-2011 iDB Support - http://idb.berlios.de/ Copyright 2004-2011 Game Maker 2k - http://gamemaker2k.org/ - $FileInfo: sql.php - Last Update: 01/08/2011 SVN 611 - Author: cooldude2k $ + $FileInfo: sql.php - Last Update: 01/15/2011 SVN 612 - Author: cooldude2k $ */ /* Some ini setting changes uncomment if you need them. Display PHP Errors */ @@ -165,7 +165,10 @@ if($Settings['use_hashtype']!="md2"&& $Settings['use_hashtype']!="ripemd256"&& $Settings['use_hashtype']!="ripemd320"&& $Settings['use_hashtype']!="salsa10"&& - $Settings['use_hashtype']!="salsa20") { + $Settings['use_hashtype']!="salsa20"&& + $Settings['use_hashtype']!="snefru"&& + $Settings['use_hashtype']!="snefru256"&& + $Settings['use_hashtype']!="gost") { $Settings['use_hashtype'] = "sha1"; } } // Check to see if variables are set require_once($SettDir['misc'].'setcheck.php'); -- 2.11.0