[BETA] md5*3()
Добавлено: 12.08.2004 18:53
Код: Выделить всё
##############################################################
## MOD Title: md5*3()
## MOD Author: R@ < meos@mail.ru > (Kirill) n/a
## MOD Description: Gives more security to your users passwords by hashing it 3 times by md5 algorythm instead of one
## MOD Version: 1.0.0
##
## Installation Level: Easy
## Installation Time: 7 Minutes
## Files To Edit (4): login.php
## includes/usercp_register.php
## includes/usercp_sendpasswd.php
## admin/admin_users.php
## Included Files (1): db_update.php
##############################################################
## For Security Purposes, Please Check: http://www.phpbbguru.net/mods/ for the
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code
## to enter into your phpBB Forum.
##############################################################
## Author Notes: run db_update.php for updating exists passwords
##
## Before adding this MOD to your forum, you should backup users table of your phpBB database
##
##
##############################################################
## MOD History:
##
## 2004-08-11 - Version 1.0.0
## - Initial Release
##
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################
#
#-----[ OPEN ]------------------------------------------
#
login.php
#
#-----[ FIND ]------------------------------------------
#
if( md5($password) == $row['user_password'] && $row['user_active'] )
#
#-----[ REPLACE WITH ]------------------------------------------
#
if( md5(md5(md5($password))) == $row['user_password'] && $row['user_active'] )
#
#-----[ OPEN ]------------------------------------------
#
includes/usercp_register.php
#
#-----[ FIND ]------------------------------------------
#
if ( $row['user_password'] != md5($cur_password) )
#
#-----[ REPLACE WITH ]------------------------------------------
#
if ( $row['user_password'] != md5(md5(md5($cur_password))) )
#
#-----[ FIND ]------------------------------------------
#
$new_password = md5($new_password);
#
#-----[ REPLACE WITH ]------------------------------------------
#
$new_password = md5(md5(md5($new_password)));
#
#-----[ FIND ]------------------------------------------
#
if ( $row['user_password'] != md5($cur_password) )
#
#-----[ REPLACE WITH ]------------------------------------------
#
if ( $row['user_password'] != md5(md5(md5($cur_password))) )
#
#-----[ OPEN ]------------------------------------------
#
includes/usercp_sendpasswd.php
#
#-----[ FIND ]------------------------------------------
#
SET user_newpasswd = '" . md5($user_password) . "', user_actkey = '$user_actkey'
#
#-----[ REPLACE WITH ]------------------------------------------
#
SET user_newpasswd = '" . md5(md5(md5($user_password))) . "', user_actkey = '$user_actkey'
#
#-----[ OPEN ]------------------------------------------
#
admin/admin_users.php
#
#-----[ FIND ]------------------------------------------
#
$password = md5($password);
#
#-----[ REPLACE WITH ]------------------------------------------
#
$password = md5(md5(md5($password)));
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
db_update.php
Код: Выделить всё
<?php
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
$sql = "UPDATE " . USERS_TABLE . " SET user_password = md5(md5(user_password)) WHERE user_id > '1'";
if (!$result = $db->sql_query($sql))
{
die('Error');
}
else
{
die('OK, delete this script');
}
?>