Account Creation

Hi, I know this isn't a WoW forum, but since this is the program giving me problems, I thought I may as well make a thread.

See, I have my Ascent server. Even got on it for a bit (admin, admin).
But then I changed the password and username, and now, when I load MySQL, it says the encrypted password has an incorrect number of bytes and is disabled, thus, I can't logon.

Is there anything I can do? It does this with every single account, too.

Which repack are you using. Also, when you say you changed your username and password, "how" did you change it? Did you go into the database and change it manually? If so, the password is hashed so by manually changing it will mess it up. I'll wait for your response to make sure this is the case before I explain how to fix it.

Thank you very much for replying.

I'm using AC Repack 7.8, and in Heidi, I went to logon --> accounts --> view data. Then I just changed "admin, admin" to what I wanted. And now it won't allow me on.

I'm also concerned because I want other people to get on, and I need to be sure I can make this stuff work.

Well, to fix it, go back there and put the following info in:

login: admin
password: admin
encrypted_password: 8301316d0d8448a34fa6d0c6bf1cbfa2b4a1a93a


That should set you back to normal. I'll be right back with how you should change the password.

hmm.. I've figured out that it's a SHA1 hash, but the SHA1 hash of "admin" is d033e22ae348aeb5660fc2140aec35850c4da997

So, the "encrypted_password" field is NOT an SHA1 has of the "password" field.

I'll keep trying to investigate.

Yeah, screw it. Ascent really pisses in my cherios sometimes. It's not clear at all how to create an account now that they've added in the encrypted_password field. The closest thing I've come to is this piece of code:

function addUser(){
if (empty($_POST)) return false;
global $config, $msg, $error;
if (empty($_POST['login'])) $error[] = 'Error, You forgot to enter a account name!';
if (empty($_POST['password'][0]) || empty($_POST['password'][1])) $error[] = 'Error, You forgot to enter a password!';
if ($_POST['password'][0] !== $_POST['password'][1]) $error[] = 'Password does not match!';
if (empty($_POST['email'])) $error[] = 'Please fill in a valid email adress!';
if (!empty($error)) return false;
$db = @mysql_connect($config['mysql_host'], $config['mysql_user'], $config['mysql_pass']);
if (!$db) return $error[] = 'Database: '.mysql_error();
if (!@mysql_select_db($config['mysql_dbname'], $db)) return $error[] = 'Database: '.mysql_error();
$query = "SELECT `acct` FROM `accounts` WHERE `login` = '".mysql_real_escape_string($_POST['login'])."'";
$res = mysql_query($query, $db);
if (!$res) return $error[] = 'Database: '.mysql_error();
if (mysql_num_rows($res) > 0) return $error[] = 'Username already in use.';
$query = "INSERT INTO `accounts` (`login`,`password`,`lastip`, `email`, `flags`) VALUES ('".mysql_real_escape_string($_POST['login'])."', '".mysql_real_escape_string($_POST['password'][0])."', '".$_SERVER['REMOTE_ADDR']."', '".mysql_real_escape_string($_POST['email'])."', '8')";
$res = mysql_query($query, $db);
if (!$res) return $error[] = 'Database: '.mysql_error();
$msg[] = 'The Account <span style="color:#00FF00"><strong>'.htmlentities($_POST['login']).'</strong></span> has been created!';
mysql_close($db);
return true;
}

But as you can see, I think it's for the 7.6 repack, where there was no encrypted_password field.

It's probably some SHA1 encrypted combination of password and something else.

Well, thank you for all the help you've given me.

That did indeed work.

But, my question now is, how am I supposed to change my username/password, and get other people to be able to use it?

Sorry, I'm a complete noob when it comes to code and SQL and such...

Any more help you could give me would be amazing...

Now I just need to work on a site and making my server public.

Well, since this is clearly not a "HeidiSQL" issue, let's continue this thread on Ascent's forums. I think it'd be more appropriate there. :)