Arrangements
04-08-2008, 04:42 PM
I've made the hard choice to have my site's user system synchronize with my vb forum users.
I'm creating the registration page right now on my main site; and I've hit a dead end.
I came to this:
$encpass = sha1( SALT . $password );
I'v defined it:
define('SALT', 'something');
So my question of problem is, wouldn't the password be encrypted differently on vb then on my mainsite? How does vb encrypt their passwords?
Edit: Okay after doing some searching, I found this md5(md5($password) . $salt);
to be the way vb hash's up the password. Right? Correct me if I'm wrong.
And then $salt needs needs to pulled from vb's database to check the password on my mainsite.
Now here comes the 2nd part Cookies?
$_COOKIE:
{cookiepfx}userid - plain(userid)
{cookiepfx}password - md5(md5(md5('PlaintextPassword') . salt) . 'LicenseNo').
Why is it does it use md5() 3 times?
Does that mean when I authenticate their cookie information I need to say.. 'reverse the md5()' once and then I can SELECT?
I'm creating the registration page right now on my main site; and I've hit a dead end.
I came to this:
$encpass = sha1( SALT . $password );
I'v defined it:
define('SALT', 'something');
So my question of problem is, wouldn't the password be encrypted differently on vb then on my mainsite? How does vb encrypt their passwords?
Edit: Okay after doing some searching, I found this md5(md5($password) . $salt);
to be the way vb hash's up the password. Right? Correct me if I'm wrong.
And then $salt needs needs to pulled from vb's database to check the password on my mainsite.
Now here comes the 2nd part Cookies?
$_COOKIE:
{cookiepfx}userid - plain(userid)
{cookiepfx}password - md5(md5(md5('PlaintextPassword') . salt) . 'LicenseNo').
Why is it does it use md5() 3 times?
Does that mean when I authenticate their cookie information I need to say.. 'reverse the md5()' once and then I can SELECT?