-1

I have a hash function on sa-mp

new MyHash[256];
SHA256_PassHash(inputtext, "78sdjs86d2h", MyHash, sizeof(MyHash));
if(!strcmp(MyHash, PlayerInfo[playerid][pKey]))

I assume 78sdjs86d2h is the salt, but how do I set the salt in PHP?

I am using this code, and it hashes but not with my salt.

if(isset($_POST['username']) && isset($_POST['password'])){

    mysql_query('SET NAMES utf8');
    $var = mysql_real_escape_string("\xbf\x27 OR 1=1 /*");

    $username = mysql_real_escape_string($_POST['username']);
    $parola = mysql_real_escape_string($_POST['password']);
    $hash = hash('sha256', $parola);

    $check = get_row("SELECT ID FROM players WHERE Name='$username' && password='$hash' LIMIT 1");
    if(isset($check['ID']))
    {
        $_SESSION['username'] = $_POST['username'];
        $_SESSION['password'] = $_POST['password'];
        $id = $check['ID'];
        header("location: index.php");
    }
    else
    {
        printf("%s", $hash);
        $err = 'Username sau parola incorecte';
    }
}

How do I make it hash with my own salt?

Don't Panic
  • 41,125
  • 10
  • 61
  • 80
State Valentin
  • 37
  • 4
  • I strongly suggest using [password_hash](http://php.net/manual/en/function.password-hash.php) for this, and [using mysqli or pdo instead of mysql](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). – Don't Panic Mar 02 '16 at 23:15

1 Answers1

-1

UPDATE: Tried this way

$username = mysqli_real_escape_string($DB_H, addslashes($_POST['username']));
$password1 = $_POST['password'];
$salt      = '78sdjs86d2h';
$parola    = hash('sha256', $password1 . $salt);

The result: 33ca067dc70ef75fc1a1107f4345f3a819ecca657d3d9646d26822fd691cd10c The original: BFD2832240F5FC1FD12004634EBE9FDE97BD0D4690695DFAC1350D0AE037398F

State Valentin
  • 37
  • 4