PHP connection and account creation

[Puppy]

Hey ho, once again. So, I've been doin' around and I was able to manually make accounts and bound all information to them, however I'd like to that via the PHP and open SQLite connection, integrate all the data I need and then just jump out of it. However, as I found no information concerning if it's possible I came to conclusion that it just is(If I can edit something manually I should not have problem doing it automically right?) so my only concern would be

 

A ) stability if I make website and PHP connect to the running server would engine be able to handle it? (I know it edits the database live, but I am not changing values just adding new information, at least for now) 

 

B ) salt generation, and while I understand that the currently engine is NOT open sourced but perhaps it could be said how does algorithm look or just how to replicate it? (I have no idea about encription so i am green as leaf here)

 

So I have website, that can handle input, passes it onto PHP which connect to the database and injects it into the server's database so in theory if I connect all the information rightly I should have no problem running it? Or am I missing something big again?

[jcsnider]

The current hashing information you want is as follows:

 

Take the plaintext password. Hash it's UTF8 representation with SHA256.  Remove any dashes (-) in that hash.

 

C# Code

hashed_password = BitConverter.ToString(sha.ComputeHash(Encoding.UTF8.GetBytes(plaintext_password.Trim()))).Replace("-", "");

 

You then take that hashed value, concatenate that with the salt stored in the database and hash it with SHA256 again replacing the dashes again.

 

C# Code

result = BitConverter.ToString(sha.ComputeHash(Encoding.UTF8.GetBytes(hashed_password + salt))).Replace("-", "");

 

That final value is what you can check against in the database.  Hope this helps!

[Skaveron]

+1

 

It would be interesting to know if we could build a web interface around the game's database.

[Pigot]

Yes, that would be cool

[Phenomenal]

@antarcticPuppy Love this idea but just wanted to say that there is already salt generation.

[Puppy]

2 hours ago, PhenomenalDab said:

@antarcticPuppy Love this idea but just wanted to say that there is already salt generation.

Could you link me to it? I tried looking for it but without any good find. If I had salt generator I could within 2-3 hours create working quarry.

@PhenomenalDab @Pigot@Skaveron

Alright TL;DR pre-edit:

<shameless>i could rent someone to do it for us, but if we ain't sharin' price I ain't sharin' project <Yes I am dick, but if I do something professionally and do full register website from my own pocket then let's be honest...</shameless>

my non-pro :

1. Website and server on dedicated server
2. Fully working database reading during working server, refresh rate set to 1h, albeit i'd probably want to dump database once a 6 hours and import into MYSQL for easier acess and I can have 2 servers so I don't over-cap my game-instance server, still gotta figure it out
3. Anyway, I am able to read and write stuff into server and it works, however I still have to fully hand-add all the stuff connected to the account (inventory, spells etc) which shouldn't be problem as it's one time template with some player input.
4. Seems like there are no problems with accessing database while server is running still has to test it tho

 

How do it?

1. Use SQLite DL's
2. Add SQLite code to your PHP
3. Connect your database to PHP
4. Do all the complicated SQLite shit (I might do the tutorial on it, but I'm still not good in SQLite

 

[Skaveron]

Alright, I've had a peek in the database file last night. Here's my two cents.

 

19 hours ago, PhenomenalDab said:

Love this idea but just wanted to say that there is already salt generation.

 

The password salt is stored in the database, which is great. But we don't know what sort of encryption is used, or what the algorithm is. (E.g.  hash($password + $salt) or hash(hash($password) + $salt), etc.) If we have the algorithm and the encryption type, we can let players login with their account on a website.

 

19 hours ago, antarcticPuppy said:

@antarcticPuppy

 

How do it?

1. Use SQLite DL's
2. Add SQLite code to your PHP
3. Connect your database to PHP
4. Do all the complicated SQLite shit (I might do the tutorial on it, but I'm still not good in SQLite

 

As far as I know, SQLite is pretty similar to MYSQL. It lacks a few advanced features like RIGHT JOIN, Foreign Key constraints and some permissions stuff, though as long as you stick to basic queries you should be fine. Personally though, writing SQL in a web app is old hat. I would use a framework with a working ORM instead and let that take care of your database functions. I use Laravel myself, though I've heard good things about Medoo, which is a far smaller app. I'll mess around with this more over the weekend.

[Puppy]

@Skaveron I'll try fooling around with it Thanks!

 

What I had in mind was basicly something like this : (extending what I wrote ealier)

1. Website with account creation directly on the server with database
2. However, all informations I'd prefer to actually store in other MYSQL online database
3. So probably having a 1-hour copy of the SQLite database, move it to MYSQL on other server so players can check housing. levels and shit (sure 1 hour is not that 'fresh info')
4. However, I'd do that mostly to make sure that my main server is running as smooth as possible and I don't want to waste precious connections and pings on showing what level what character is etc, as long as I am small I won't have money for proper big server that can handle it all easly.
5. And while were at It, I'd love login server separation, getting wishful tho ahah.

Just took a quick look at those, and honestly they seems to not improve life of such newbe as I am, I think I don't feel comfortable with those for now, so I'll just probably create template by hand!

[Skaveron]

Awesome! Now I've got something to do this weekend, other than curse at my abominable art skills.

[Skaveron]

Got an addendum question if you don't mind. I'm trying to extrapolate information from the data fields to get, for example class names. Are the data fields encoded in some way?

 

Currently I'm getting '<see attachment>' from the BLOBs, which is going to be rather hard to make sense out of.