2017-10-21, 01:50 AM
UPDATE:
See my comment below to see how I did it.
I am writing a bot that integrates with Discord (just for context) and was wondering how the posthash is generated?
I see based on some snooping and testing that the data sent during a reply (specifically a quick reply) is as follows:
(This is the POST data)
my_post_key: <KEY>
subject: <SUBJECT>
action: do_newreply
posthash: <POST HASH>
quoted_ids: <INT>
lastpid: <INT>
from_page: <INT>
tid: <INT>
method: quickreply
message: <MESSAGE CONTENT>
Based on some testing, my_post_key is a constant value for each user, so I have that, but I am wondering if there is a way for me to generate the posthash? I was able to generate the logoutkey by running the loginkey through an md5 encryption. But I am unsure how to do the same with the post hash.
Is it related to the lastpid or pid (ie. the md5 encryption of the pid or something to that effect?) Also, how would I set the lastpid, do I even need to define it?
I've already been able to make the script login and sustain and login, as well as log out. My next step is to get it to post to a specific thread based on input from the user (that is where discord is coming in, when triggered from discord it will post the specified text. But I've got the discord portion complete)
EDIT:
Based on some more searching I found the line in newreply.php that generates the posthash:
If I am reading this right, all its doing is running a random string through the md5 hash and using that? So I should be able to do a similar thing in python, generate a random string and run it through the md5 hash.
See my comment below to see how I did it.
I am writing a bot that integrates with Discord (just for context) and was wondering how the posthash is generated?
I see based on some snooping and testing that the data sent during a reply (specifically a quick reply) is as follows:
(This is the POST data)
my_post_key: <KEY>
subject: <SUBJECT>
action: do_newreply
posthash: <POST HASH>
quoted_ids: <INT>
lastpid: <INT>
from_page: <INT>
tid: <INT>
method: quickreply
message: <MESSAGE CONTENT>
Based on some testing, my_post_key is a constant value for each user, so I have that, but I am wondering if there is a way for me to generate the posthash? I was able to generate the logoutkey by running the loginkey through an md5 encryption. But I am unsure how to do the same with the post hash.
Is it related to the lastpid or pid (ie. the md5 encryption of the pid or something to that effect?) Also, how would I set the lastpid, do I even need to define it?
I've already been able to make the script login and sustain and login, as well as log out. My next step is to get it to post to a specific thread based on input from the user (that is where discord is coming in, when triggered from discord it will post the specified text. But I've got the discord portion complete)
EDIT:
Based on some more searching I found the line in newreply.php that generates the posthash:
$mybb->input['posthash'] = md5($thread['tid'].$mybb->user['uid'].random_str());
If I am reading this right, all its doing is running a random string through the md5 hash and using that? So I should be able to do a similar thing in python, generate a random string and run it through the md5 hash.