Sitefinity Password Hash in PHP
Question
I'm working on a project that requires using a client's existing Sitefinity database for user logins. I'm only able to build in PHP, and am trying to hash the passwords in PHP, and compare them with the hashed passwords in the Sitefinity database.
I'm came across, this question , which explains how Sitefinity does it's hashing, and it was a help to get started, but I don't fully understand it as it's obviously written in ASP. I need to find if there's a PHP equivalent and how that would work.
I've searched online for some guidance but no luck so far. Any help would be appreciated.
1 answers
solution1
2 ACCPTED 2016-11-12 15:15:06
In PHP code for checking Sitefinity hash will looks like:
<?php
//clear password
$passwordInput = "password";
//from sf_users column [salt]
$userSalt = "2E1C1CEF99E6EF066E9C803974D17419";
//from sf_users column [passwd]
$userPassword = "G1MJiJw3zpBVdZBKViZUfEvTpZA=";
//from App_Data\Sitefinity\Configuration\SecurityConfig.config attribute "validationKey"
$validationKey = "24152EC6E594970CBEA98B5C10D878D65EF73964AAF44F1CCD3E0FBE95A5F2EFC89C0124B9B025581D38ED6EC846453249FD998ABDAE9453302B8BAB97BA1D0C";
$str = $passwordInput.$userSalt;
$utfString = mb_convert_encoding($str, "UTF-16LE");
echo $userPassword == base64_encode(hash_hmac('sha1', $utfString, hex2bin($validationKey), true))? 'true' : 'false';
?>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.