password create in database

[Velotexas 0]

hi everypoeple.

I will create website for testing, but i can't generate the password .
look my request:
 

// Vérifier si le formulaire d'inscription est soumis
if(isset($_POST['submit'])) {
    // Récupérer les données du formulaire
    $login = $_POST['login'];
    $password = $_POST['password'];
    $social_id = $_POST['social_id'];
    $email = $_POST['email'];

    // Inclure le fichier de configuration pour les paramètres de connexion à la base de données
    require_once '../config/config.php';

try {
    // Hachage du mot de passe
    $hashed_password = sha1(sha1($password));

    // Préparer et exécuter la requête d'insertion pour ajouter le nouvel utilisateur dans la base de données
    $sql = "INSERT INTO account (login, password, social_id, email) VALUES (?, ?, ?, ?)";
    $stmt = $pdo1->prepare($sql);
    $stmt->execute([$login, $hashed_password, $social_id, $email]);

    // Afficher un message de succès
    $_SESSION['success_message'] = "Votre compte a été créé avec succès.";
    header('Location: ../index.php');
    exit();
} catch(PDOException $e) {
    // En cas d'erreur, afficher un message d'erreur
    $_SESSION['error_message'] = "Erreur lors de la création de votre compte : " . $e->getMessage();
    header('Location: pages/inscription.php');
    exit();
}
}

 this code is for register and he create the password format :10a34637ad661d98ba3344717656fcc76209c2f8. = 123456789 but 
the password admin is 123456789 = *CC67043C7BCFF5EEA5566BD9B1F3C74FD9A5CF5D

why?

tanks for answer and sorry for my english
 

[AZICKO 7144]

If you use PASSWORD() default format in MySQL, in PHP you can use :

$passwordRaw = 'ton mot de passe';
$password = '*'.strtoupper(sha1(sha1($passwordRaw, true)));

 

[Velotexas 0]

thanks but :
*BE1BDEC0AA74B4DCB079943E70528096CCA985F8

this format is good ,  not value: 
*CC67043C7BCFF5EEA5566BD9B1F3C74FD9A5CF5D

i use [40250] Reference Serverfile By TMP4
he define login/password = admin/123456789.
 

 

[AZICKO 7144]

11 minutes ago, Velotexas said:

thanks but :
*BE1BDEC0AA74B4DCB079943E70528096CCA985F8

this format is good ,  not value: 
*CC67043C7BCFF5EEA5566BD9B1F3C74FD9A5CF5D

i use [40250] Reference Serverfile By TMP4
he define login/password = admin/123456789.

I don't know if he changed the hashing method.
You need to check the source code.

PS -> The PHP code I mentioned is the one used on this page (https://metin2.dev/tools/password/)

[Takuma 181]

Maybe I'm going to ask a stupid question, but if the hash function hasn't been changed, why not directly use the MySQL PASSWORD() function?

$sql = "INSERT INTO account (login, password, social_id, email) VALUES (?, PASSWORD(?), ?, ?)";
    $stmt = $pdo1->prepare($sql);
    $stmt->execute([$login, $password, $social_id, $email]);

PASSWORD('123456789') give you *CC67043C7BCFF5EEA5566BD9B1F3C74FD9A5CF5D.

 

Edit :  or this if you're on MySQL 8 (ty Gurgarath)

CONCAT('*', UPPER(SHA1(UNHEX(SHA1(?)))));

or

-- not tested
CREATE FUNCTION PASSWORD(input VARCHAR(255)) RETURNS CHAR(41)
BEGIN
    DECLARE output CHAR(41);
    SET output = CONCAT('*', UPPER(SHA1(UNHEX(SHA1(input)))));
    RETURN output;
END;

 

Edited February 10 by Takuma

[Velotexas 0]

i think just my website source is bad.
I'll start again.

[Velotexas 0]

so I think I’m using the wrong version of mysql, metin memory uses 5.7 and I’m in 8.2.

my local code works perfectly but the password is not in the same format.

so I naturally install a local private server, 
I can connect with the admin account
I can also create a new account with my site 

but the problem is.
the account created has this password format:
$10$YHlEmrZplp6I/OzrdErycuPCHbaIeYumEx.ER7

while the admin account has the:
*CC67043C7BCFF5EEA5566BD9B1F3C74FD9A5CF5D

and obviously once run it, I manage to connect with admin, but not with the new account.

Did I make a mistake somewhere? 

[Takuma 181]

ASIKOO gave you PHP code to generate a password like MySQL 5.2, and I gave you the code to generate it with MySQL as well.

We can't do more...

 

[Velotexas 0]

i'm sorry.
with this code:

$passwordRaw = 'ton mot de passe' ; $mot de passe = '*' . strtoupper ( sha1 ( sha1 ( $passwordRaw , true )));

i haven't modified $mot de passe.
now it's ok .

thanks you...