vb.org Archive - Creating a Login Script

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)

- - Creating a Login Script (https://vborg.vbsupport.ru/showthread.php?t=93652)

10sion

08-05-2005 04:39 AM

Creating a Login Script

Alright im trying to create a login script for the forum, dont ask me why but I need to create another one that logs the user in the forums, one thing got me stuck though, vbulletin encrypts the passwords and I cant figure out there encryption method.

All I need to do is compare the posted password (then encrypt it and i dont know how) to the password in the database, anyone care to show me how to encrypt it, NOTE: I cannot include any of the vbulletin files in my code.

Heres what you have to work off of:

<?php
$username = $_POST['username'];
$password = $_POST['password'];
?>

I know the password is not just md5'ed i saw something like utf, never heard of it, and theres a salt stored in the database for each user, dont know what its for... please help its really important :D.

Marco van Herwaarden

08-05-2005 07:19 AM

Do a search on 'password salt' in the General Modification Discussion section and you will find many threads anwering this.

Colin F

08-05-2005 08:29 AM

md5( md5( password ) . $salt ); is how the password is saved in the database

10sion

08-05-2005 04:58 PM

Alright thanks, I wrote up this code:

Code:

                $query[select1] = mysql_query("SELECT userid, username, password, salt FROM user WHERE username='".$_POST[username]."' LIMIT 1");

                $fetch[select1] = mysql_fetch_array($query[select1]);

                print md5(md5($_POST[password]).$fetch[select1][salt]);

And what it printed out wasnt the same password that was stored in the database...

AN-net

08-05-2005 06:00 PM

why cant u include any vbulletin files?

10sion

08-05-2005 06:19 PM

Because im running this on a diffrent domain than the forums are on (but on the same server).

Im already connected to the database I just need to somehow get the posted password to encrypt correctly to match the one in the database >_>

10sion

08-07-2005 12:59 AM

I read somewhere that md5 encrypts diffrently for diffrent domains, is this true? I thought it was just diffrently for each server... the domain thing isnt gonna be a problem for md5 is it?

Man im stupid, the query wasnt fetching because me being my forgetful self forgot to include config.php so I wasnt even connected to the database, and the script wasnt showing that there was an error, so didnt look like there was anything wrong, I fixed that, now it matches up to the one in the database, thanks again.

All times are GMT. The time now is 06:25 AM.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.00913 seconds Memory Usage 1,717KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (7)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: