Password Hashing

I want to create a Legion Registration Site and now i am stuck at the Password hashing you are using.

BattlenetAccountMgr.cpp

line 175-188

			std::string Battlenet::AccountMgr::CalculateShaPassHash(std::string const& name, std::string const& password)
		
	
			{
		
	
			SHA256Hash email;
		
	
			email.UpdateData(name);
		
	
			email.Finalize();
		
	
			 
		
	
			SHA256Hash sha;
		
	
			sha.UpdateData(ByteArrayToHexStr(email.GetDigest(), email.GetLength()));
		
	
			sha.UpdateData(":");
		
	
			sha.UpdateData(password);
		
	
			sha.Finalize();
		
	
			 
		
	
			return ByteArrayToHexStr(sha.GetDigest(), sha.GetLength(), true);
		
	}

As i Understand, you first hash the email with sha256

then you rehash it with the password like email:password

i cant reproduce that in php

public function RegisterBattleNetAccount($email, $password)
{
# $GLOBALS[‘mysqli’]->query(“use {$GLOBALS[‘db_auth’]}”);
//strtoupper
$pass = hash(‘sha256’, strtoupper(hash(‘sha256’, $email)).‘:’.$password);
$pass = strtoupper($pass);
$email = strtoupper($email);
// $stmt = $GLOBALS[‘mysqli’]->prepare(“INSERT INTO battlenet_accounts (email,sha_pass_hash) VALUES (?, ?)”);

 // $stmt->bind_param("ss", $email, $pass);
     // $stmt->execute();       
}

Always returns a wrong hash when i run it with details already in the databse for testing purpose.

I didnt check the code, but are you sure “email” is really the email?
This thread: https://community.trinitycore.org/topic/13163-6x-password-hash-generation/ seems to suggest that the username is used instead of the email, though that may have changed.