Banshee
the secure PHP framework

Forum

banshee-5.4.tar.gz requires PHP >= 5.5.0

new banshee user
18 october 2016, 18:11
stumbled with

Fatal error: Call to undefined function hash_pbkdf2() in /home/newbansheeuser/public_html/libraries/security.php on line 41

hash_pbkdf2
(PHP 5 >= 5.5.0, PHP 7)

hash_pbkdf2 — Generate a PBKDF2 key derivation of a supplied password
Hugo Leisink
18 october 2016, 18:14
What PHP version do you use?
new banshee user
18 october 2016, 18:20
5.3.8 provided by hosting company
new banshee user
18 october 2016, 18:24
Is it possible to use crypt() and obtain same result?

hash_pbkdf2(PASSWORD_HASH, $password, hash(PASSWORD_HASH, $salt), PASSWORD_ITERATIONS, 0);
new banshee user
18 october 2016, 18:30
https://defuse.ca/php-pbkdf2.htm

Are there php functions calls > 5.3.8 in other files? If only hash_pbkdf2 I think I could fix it, if a lot, maybe I better try my luck on other frameworks
Hugo Leisink
18 october 2016, 19:42
I advice to switch to a better hosting company. 5.3.8 is way too old. No, crypt() will never give you the same result as pbkdf2.
new banshee user
18 october 2016, 20:10
I replace the hash_pbkdf2 function but it still doesn't works
It doesn't allow login with admin and default password banshee
Hugo Leisink
18 october 2016, 20:15
No, because the default password is encrypted with pbkdf2, not with crypt. Encrypt your password with that function, using your username as the salt and place the result in the database.
new banshee user
18 october 2016, 20:20
Thanks, I am aware of that, but why using replacement function still couldn't generate exact hash

https://github.com/rchouinard/hash_pbkdf2-compat/blob/master/src/hash_pbkdf2.php
Hugo Leisink
18 october 2016, 20:22
Don't know. Ask the author of that replacement function...
new banshee user
18 october 2016, 20:30
I suspect there are other issues that cause Login Incorrect, I could reset the password using replacement function

admin , password is integer 1
hash is d4199f78c274e41424b944b7db576843973347a7c03bd3ed124bad3531bcd7d1

why still Login Incorrect
new banshee user
18 october 2016, 23:02
I tried a simple script in php 5.6.26

define("PASSWORD_HASH", "sha256");
define("PASSWORD_ITERATIONS", 100000);
echo hash_pbkdf2(PASSWORD_HASH, "1", hash(PASSWORD_HASH, "admin"), PASSWORD_ITERATIONS, 0);

The output correspondent with the replacement function value above

d4199f78c274e41424b944b7db576843973347a7c03bd3ed124bad3531bcd7d1

No clue why I couldn't log in
Hugo Leisink
19 october 2016, 08:25
I've tested Banshee on several system. It all works there. Others have used it, no problems there. There must be something different or missing on your system. I don't know what that is.

Try adding simple print statements to the code to see at what point the password is rejected.
Message preview

The following BB-codes are available in a message:

  • [b]Bold text[/b]
  • [center]Center text or imagen[/center]
  • [color=color name or #RGB code]Colored text[/color]
  • [i]Italic text[/i]
  • [img]Link to image[/img]
  • [right]Align text or image right[/right]
  • [s]Strike-through text[/s]
  • [size=pixelsize]Big or small text[/size]
  • [u]Underlined text[/u]
  • [url]Link to website[/url]
  • [url=link to website]Link text[/url]
Back
Built upon the Banshee PHP framework v6.3CMS