monovm Posted October 22, 2017 Share Posted October 22, 2017 we use uid and upw for logining in to whmcs in our own application. i think after whmcs7.3 algorithm of generation of upw have been changed. we used this algorithm before whmcs 7.3 and it was worked fine . $_SESSION['upw'] = sha1($userRow['id'] . $userRow['password'] . $_SERVER['REMOTE_ADDR'] . substr(sha1($cc_encryption_hash),0,20)); i want to know is this algorithm have been changed ? 0 Quote Link to comment Share on other sites More sharing options...
MartinW Posted October 24, 2017 Share Posted October 24, 2017 Hi, I would agree that it has been changed. I asked their support but 'due to the sensitive nature of the hashing functionality that WHMCS replies upon' they refuse to go into any further details on how it is generated. They offered to help find an alternative, but given how long it took for them to answer my question properly, I'll build my own solution. Thanks, Martin 0 Quote Link to comment Share on other sites More sharing options...
WHMCS Developer WHMCS Andrew Posted October 25, 2017 WHMCS Developer Share Posted October 25, 2017 On 22/10/2017 at 4:58 PM, monovm said: $_SESSION['upw'] = sha1($userRow['id'] . $userRow['password'] . $_SERVER['REMOTE_ADDR'] . substr(sha1($cc_encryption_hash),0,20)); Put a | between each value. Ideally you would use the Validate Login API command and use the passwordHash response from there - https://developers.whmcs.com/api-reference/validatelogin/ 1 Quote Link to comment Share on other sites More sharing options...
MartinW Posted October 25, 2017 Share Posted October 25, 2017 Thanks Andrew, I can confirm this works! 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.