Text Passwords to md5($pass.$salt)

[theENIGMATRON]

Its simple "In Theory"
I have a text file, or a CSV, or Excel or what ever format you like,
It has Login Account information on it that i am trying to import into a MySQL Database, "This i have done successfully"
BUT and its a BIG BUT,

The Passwords are not Encrypted, and to have them work on my Site, i need to have them MD5 and Salt "md5($pass.$salt)"
I have two tables in my Database,
1 Called "password"
1 called "saltpass"

This is what stores the 2 sets of passwords for that account,
I some how need to encrypted the passwords i have now, and then update the existing data by importing it into the database,
"Hope i am clear up to this point"

So what i have done, is a PHP script that will convert the text Password to MD5 and 5 charectors long SALT code.
And then give the output to me in a Txt file,

Here is a copy of the code i am using:

Code: Select all

<?php
  // function to accept a plain text password and return a encrypted password
  // with the salt attached to the end of the string (note: the salt is 9 characters)
  function tep_encrypt_password($pass){
    $salt = substr(md5 ($password), 0, 5);
  // $password = md5($salt.$plain).':'.$salt;
    $password = md5($pass.$salt).':'.$salt;
    return $password;
  }
  
  // get a file with 3 columns separated by spaces [userid email password]
  $lines = file('passwords.txt');
  
  // iterate each line
  foreach($lines as $key => $line){
    // put each element into a variable
    list($email, $password) = explode(",", $line);
    // encrypt the password
    $password = tep_encrypt_password($password);
    // put the elements back into a single line
    $lines[$key] = implode(" ", array($email, $password));
  }
  // put all of the lines back into a single variable
  $lines = implode("\n", $lines);
  // write the variable to file
  file_put_contents('passwords3.txt', $lines);
?> 

And it works,
Only when passwords.txt contains 1 Email address and Password,
When i start on multiple lines, it seems to fall over itself and give me invalid MD5 and Salt passwords,

This is the correct data i have been working on,

Format is: Email, Password

frankrank@live.com maitland 71906d768efd2d598de075ec6350f390:d41d8
looney@google.com allan2009 ab32a79054cf7ad7e5f288dcda05ce27:d41d8
nonenone@franks.com jameswoodhead1 f5acdb98721f1a09e947e3d047d6e931:d41d8

my text file i would be using in the script passwords.txt:

frankrank@live.com,maitland
looney@google.com,allan2009
nonenone@franks.com,jameswoodhead

But when i run the code i get: There all wrong in comparison to the above

frankrank@live.com 508650b0fef24cb3f9a8fd6ddd601085:d41d8
looney@google.com 6137a3b58e149c67196ff7b603e5f852:d41d8
nonenone@franks.com 569730a471662db85dd2d9c5479d6e6d:d41d8

So all the MD5 and Salt password are wrong?????


But when i run the same thing again but this time i have 1 line instead of 3, i get the correct information:

frankrank@live.com 71906d768efd2d598de075ec6350f390:d41d8

So where am i going wrong?
Its not a case of doing it one by one, as i have 3,000 odd customer to run this on,

For the moment, untill i can figure it out, i removed the Ramdon Salt Code,
Ill add it back in when i know its works properly too confusing otherwise

[InfiniteStates]

I'm not sure of the syntax you're using (despite being similar to C), but the only suggestion I can make is that multi-line files are breaking at the wrong point...

e.g:
mailA, passA\n
mailB, passB\n
etc.

is getting "exploded" down into:
mailA + passA\nmailB
mailB + passB\netc

but then I don't know how 'foreach($lines as $key => $line)' works...

But if single lines work, try explicitly breaking it into lines yourself.


Another thought is that a single line doesn't have the \n on the end, where as $line may contain that character in the multi-line. So you may need to strip that off...


If it were me, I would start by printing out $line immediately after the foreach($lines... both for single and multi-line versions and make sure it contains what you think.

Good luck though mate - I bet the answer will be obvious to you after a night's sleep

[theENIGMATRON]

LMAO
That is funny how each language is similar
or your well talented and know many things lol

But yes you where right,
I had spent a few hours doing a data conversion from Microsoft to MySQL,
And the last thing was the Password Encryption,

By this time i had enough, so i posted around and Killzone_Kid come back with a reply about the line break

Congrats KK for you assistance,

And Congrats States on your findings

[InfiniteStates]

Glad you got it sorted mate - nothing worse than going into a weekend (especially a bank holiday one) with a nasty bug hanging over your head

Oh - and pre-order RUSE. No shit, just take Sy and my words for it LoL

[DJ-Daz]

ah, it makes sense now.

[theENIGMATRON]

Yup
simple calculator does the job

You make a transfer, it gives you a reference.
i.e.

1234567AABB

On there website or in store it will say to use the calculator to verify the transaction.
and will wait for your code.

Your Calc will ask you to input your card, eneter in your Pin and then the last 5 digits or so of the transaction reference.

PIN: 6783
Tran: 7AABB

= "What ever the two codes are combined like the above method"

Its clever but Basic.

But also holds flaws that anyone with your PIN and a Calculator can do a transfer.

So now i know what you bank with, all i need to do is Rob your Card, Make sure i have a Calc provided by that bank, and of course your online details.
Unless i go into the bank lol

[Symonator]

uh why are u resurrecting a 2 year old post?

[DJ-Daz]

it was a tangent Dave and I got talking about last night.

[Symonator]

ok lol.

[InfiniteStates]

At least I wasn't wrong about RUSE