View Full Version : How are passwords stored?


chaudruc
05-23-2006, 09:18 PM
Hi, I am trying to add a user directly into the 'user' table - not using the vBulletin interface and need to know how the password is stored... I have tried to INSERT it as md5($password) but that will not validate... is there some other twist that vBulletin does before it stores the passwords using the GUI... ?

Thanks for any help.

Chris Chaudruc

peterska2
05-23-2006, 09:30 PM
It double MD5's it and also adds salt (a random key per user per forum).

The best way to manually add a user is via the ACP as you can then add the user details in plain text and then vB does all the encryption for you.

chaudruc
05-23-2006, 09:46 PM
Hi, thanks for your reply... I cannot use the ACP in this instance

So would I do this... to enter the password properly in the db?

md5(md5($salt.$password)) ?

Is it somewhere in the code? I have been all through register.php and cannot find how the password is treated before it is stored... any idea where I could look?

Thanks for your help

Reeve of shinra
05-24-2006, 01:03 AM
Passwords are: md5(md5('PlaintextPassword'), salt)

Try looking at includes/class_dm_user.php ... the datamanager will also do the work for you.

Ntfu2
05-24-2006, 01:09 AM
Check in the includes folder, class_dm_user.php; there is a lot in there around line 69x to like 8xx?

    // #############################################################################
    // password related

    /**
    * Converts a PLAIN TEXT (or valid md5 hash) password into a hashed password
    *
    * @param string The plain text password to be converted
    *
    * @return boolean
    */
    function verify_password(&$password)
    {
        // a salt is generated once per user and reused on later password changes
        if (!($salt = $this->fetch_field('salt')))
        {
            $this->user['salt'] = $salt = $this->fetch_user_salt();
        }

        // generate the password
        $password = $this->hash_password($password, $salt);

        $this->set('passworddate', 'FROM_UNIXTIME(' . TIMENOW . ')', false);

        return true;
    }

    /**
    * Verifies that the user salt is valid
    *
    * @param string The salt string
    *
    * @return boolean
    */
    function verify_salt(&$salt)
    {
        $this->error('::You may not set salt manually.::');
        return false;
    }

    /**
    * Takes a plain text or singly-md5'd password and returns the hashed version for storage in the database
    *
    * @param string Plain text or singly-md5'd password
    * @param string The user's salt
    *
    * @return string Hashed password
    */
    function hash_password($password, $salt)
    {
        // if the password is not already an md5, md5 it now
        if ($password == '')
        {
        }
        else if (!$this->verify_md5($password))
        {
            $password = md5($password);
        }

        // hash the md5'd password with the salt
        return md5($password . $salt);
    }

    /**
    * Generates a new user salt string
    *
    * @param integer (Optional) the length of the salt string to generate
    *
    * @return string
    */
    function fetch_user_salt($length = SALT_LENGTH)
    {
        $salt = '';

        // any printable ASCII character, including quotes and backslashes
        for ($i = 0; $i < $length; $i++)
        {
            $salt .= chr(rand(32, 126));
        }

        return $salt;
    }

    /**
    * Checks to see if a password is in the user's password history
    *
    * @param string The hashed password, as stored in the database
    * @param integer History time in days ($permissions['passwordhistory'])
    *
    * @return boolean Returns true if password is in the history
    */
    function check_password_history($password, $historylength)
    {
        // delete old password history
        $this->dbobject->query_write("
            DELETE FROM " . TABLE_PREFIX . "passwordhistory
            WHERE userid = " . $this->existing['userid'] . "
                AND passworddate <= FROM_UNIXTIME(" . (TIMENOW - $historylength * 86400) . ")
        ");

        // check to see if the password is invalid due to previous use
        if ($historylength AND $historycheck = $this->dbobject->query_first("
            SELECT UNIX_TIMESTAMP(passworddate) AS passworddate
            FROM " . TABLE_PREFIX . "passwordhistory
            WHERE userid = " . $this->existing['userid'] . "
                AND password = '" . $this->dbobject->escape_string($password) . "'"))
        {
            return true;
        }
        else
        {
            return false;
        }
    }

Edit: someone beat me to it while I was searching for this :D
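The storage scheme the posted code implements, as an added example in Python (not vBulletin's own code): it reproduces hash_password() including the "already an md5" shortcut, builds the salt and password column values for a new user row, and checks a login attempt against a stored row. SALT_LENGTH of 3 and the 32-hex-character verify_md5() test are assumptions about vBulletin 3.x defaults not shown on the page, and the salt is drawn from Python's secrets module rather than PHP's rand().

```python
import hashlib
import hmac
import re
import secrets

SALT_LENGTH = 3  # assumed vBulletin 3.x default; not shown on the page
MD5_RE = re.compile(r"^[0-9a-f]{32}$")  # assumed shape of vB's verify_md5()


def verify_md5(value: str) -> bool:
    """True if value already looks like a lowercase hex md5 digest."""
    return bool(MD5_RE.match(value))


def fetch_user_salt(length: int = SALT_LENGTH) -> str:
    """Salt of printable ASCII (chr 32..126), the range fetch_user_salt() uses.
    Note it can contain ' and \\, so a hand-written INSERT must escape it."""
    alphabet = [chr(c) for c in range(32, 127)]
    return "".join(secrets.choice(alphabet) for _ in range(length))


def hash_password(password: str, salt: str) -> str:
    """Stored value: md5( md5(plaintext) . salt ).

    A value that already looks like an md5 is not md5'd again, which is why
    a bare md5($password) inserted into the table never validates: the
    login path appends the salt and hashes once more."""
    if password != "" and not verify_md5(password):
        password = hashlib.md5(password.encode()).hexdigest()
    return hashlib.md5((password + salt).encode()).hexdigest()


def new_user_row(username: str, plaintext: str) -> dict:
    """Column values a datamanager-created user would end up with."""
    salt = fetch_user_salt()
    return {"username": username, "salt": salt,
            "password": hash_password(plaintext, salt)}


def check_login(row: dict, submitted: str) -> bool:
    """Recompute the hash for a login attempt and compare it with the row."""
    return hmac.compare_digest(hash_password(submitted, row["salt"]), row["password"])


if __name__ == "__main__":
    row = new_user_row("alice", "correct horse")  # constructed sample user
    print(row)
    print("login ok:", check_login(row, "correct horse"))
```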