Tweet
Code:
SELECT password FROM user WHERE userid = x or userid = y
-
Run that query to get the password hashes, replace x and y with their userids. -
[edit]
n/m
N9ne got there first
Are you bored again?
[/edit]
You can compare two user's password hashes with this query:
SELECT userid, username, password FROM user WHERE userid = x OR userid = y;
where 'x' and 'y' are the userids of the two users.Sig? What sig?Comment
-
That's what I was implying ... comparing the password hashes may turn out to be a longshot too, depending on how paranoid or smart the user is...Originally posted by DarkDelight.net
If he had some browser detection hack in WOL, he can also get an idea from it - if they are both using IE while viewing the page at the same time and are viewing different pages, then most likely they are two different users, since the same browser can only be cookied one user at a time ... unless there is some other exploit to this that I don't know about
OPEN TECH SUPPORT
"Tech is our middle name!"Comment
-
Sorry. I thought you were saying that one person with one account and two browser windows open would show up think this.Originally posted by TolitzSig? What sig?Comment
-
I wouldn't put anything past IEOriginally posted by TolitzThat's what I was implying ... comparing the password hashes may turn out to be a longshot too, depending on how paranoid or smart the user is...
If he had some browser detection hack in WOL, he can also get an idea from it - if they are both using IE while viewing the page at the same time and are viewing different pages, then most likely they are two different users, since the same browser can only be cookied one user at a time ... unless there is some other exploit to this that I don't know about
Comment
-
Ok I run the query. The password hashes seem different.
Now I might have messed up with something :
should I worry ?Comment
-
Try and remove the index, not sure how but I'm sure there's a way...Originally posted by stark427Ok I run the query. The password hashes seem different.
Now I might have messed up with something :
should I worry ?Comment
-
I wouldn't know how, eitherOriginally posted by N9ne
Comment
-
Go back into the user table in phpmyadmin and scroll down to something that looks like the attachment here.
Drop the index or fulltext on password if they exist. (marked in yellow)
DO NOT drop the table! (red x)Attached FilesLast edited by DarkDelight.net; Sat 6 Sep '03, 5:18am.Sig? What sig?Comment
-
-
Heh - not that is has a whole lot to do with it, but on my forum we've banned hotmail and yahoo addresses - seems to have cut down on the trolling and stuff - and I mean c'mon everyone who uses the internet should have a real email addy no matter what
Comment
-
thank youOriginally posted by DarkDelight.net
Comment
-
You're quite welcome.Originally posted by stark427thank you
Sig? What sig?Comment
-
My target groups is 99% Greek people.Originally posted by Gavin.Heh - not that is has a whole lot to do with it, but on my forum we've banned hotmail and yahoo addresses - seems to have cut down on the trolling and stuff - and I mean c'mon everyone who uses the internet should have a real email addy no matter what
Now consider these :
In Greece they still advertise ISDN 64 and 128 (insert !!!!!! + LOL here), and it's been less than 5-6 months that ADSL is available... but it is available at prices that are ridiculously HIGH (you won't believe how expensive it is). As for CABLE, Greek home users have no idea what it is
Not all companies have broadband, or Internet at all - sometimes, there.
That said, along with some other annoying facts, can easily lead to the conclusion that Greek people are not really familiar with Internet, at least not as much as people from other countries.
Now, I have 550 members : 170+ of them are using hotmail addresses. 124 use yahoo addresses. That is : almost 300 out of my 550 members are using those 2 domains.
So, excluding/banning them, would be like killing my board
p.s. so happy I live in LondonComment
-
You can ban a domain so that future users can't use it and still allow existing users to keep banned addresses.Sig? What sig?Comment
-
Yes but still, considering that most Greek people have Yahoo and Hotmail as primary emails... it would probably piss them off to see that they cannot use them to register, right? (talking about the new users)Originally posted by DarkDelight.netComment
Comment