Hi!
Having a problem with generating hash for hyperlink:
I have a report r=1427. It has no parameters.
From sha1('1427secret') I have b834372fab268025300408c2c4370b7215ba34a8.
While the report has a hash 21df69b8474a63eaf0d233959254c767efa8e4b1.
What am I doing wrong?
generating hash for url
(7 posts) (2 voices)-
messygr, Member
-
myDBR Team, Key Master
The 'b834372fab268025300408c2c4370b7215ba34a8' is a valid hash for that report + seed. Did you check that the seed value is really 'secret'?
Do you have the m-parameter in the second URL?
--
myDBR Team -
messygr, Member
Yes, the url contains m-parameter:
report.php?r=1427&m=4&h=21df69b8474a63eaf0d233959254c767efa8e4b1&i=1.
But the sha1('1427m4secret') also provides incorrect hash.As for seed value I can see in server_side_files/sso/phpBB_sso these lines:
define( 'MYDBR_SECRECT', 'secret');
..
$hash = sha1( $user . $name . $groups . $email . $admin .$token . MYDBR_SECRECT ); -
myDBR Team, Key Master
The seed value in use is defined in
Environment settings→Authentication / security→URL hash seed.The server_side_files/sso/phpBB_sso.php is just a sample Single Sign-On implementation for phpBB bulletin board software.
--
myDBR Team -
messygr, Member
Well, 'URL hash seed' field is empty in my case.
-
myDBR Team, Key Master
Click the 'Randomize'-button to generate one or come up with your own seed value, save the changes and you are good to go.
--
myDBR Team -
messygr, Member
Thank you!
Reply
You must log in to post.