I am writing a comment script for the news section of my website and I would like to make it so that users have to be registered on the forums to comment. I would like to set it so that when they input their password, the script queries the vB database, checks their input username and password and see if it matches the database. If so, the script should then send the comments to the main page database.

I have the entire script written except for the password check system. I just want to know what the code would be?

I'm assuming it would be similar to the check code for the forums:

if ($bbuserinfo['password'] != iif($password AND !$md5password, md5(md5($password) . $bbuserinfo['salt']), '') AND $bbuserinfo['password'] != md5($md5password . $bbuserinfo['salt']))

SELECT userid FROM user WHERE username = 'foo' AND password = MD5(CONCAT(MD5('bar'), salt))


Where foo ist the username and bar is the password.
If this query returns a row the username/password-combination is valid

I figured it out last night:

$sql = "SELECT username, password, salt FROM user WHERE username = '$xUsername' LIMIT 0,1";
$query = mysql_query($sql);
$records = mysql_num_rows($query);
while ($result = mysql_fetch_array($query)) {
extract ($result);
if ($records == '1') {
$md5password = md5(md5($xPassword). $salt);
if ($password == $md5password) {
echo "Login: Valid";
} else {
echo "Login: Invalid";
}}
if ($records == '0') {
echo "Invalid Username<br>";
}

That worked out perfectly. I didn't know about the 'salt' variable.

What is the status of this script?

Does anyone know of script similar to this http://www.mylittlehomepage.net/comment_script?

It should use a dedicated news comment forum (each news item being a single thread) and that requires the user to be logged in?