[DarkScythe]

Thanks again for the informative reply.
I'm sorry, I must be a pain in the butt with all these questions, but I do appreciate the help.

I took a look at that function and I believe your talking about this one?

PHP Code:

        if (
            $vbulletin->userinfo['password'] != iif($password AND !$md5password, md5(md5($password) . $vbulletin->userinfo['salt']), '') AND
            $vbulletin->userinfo['password'] != iif($md5password, md5($md5password . $vbulletin->userinfo['salt']), '') AND
            $vbulletin->userinfo['password'] != iif($md5password_utf, md5($md5password_utf . $vbulletin->userinfo['salt']), '')
        ) 


That seems to compare the password against several factors in order to fully hash it. I suppose disabling client-side hashing would be a bad idea, but I don't want to replace vB's MD5 system with SHA1. I did it with phpBB but it was in a couple places so it was annoying to track down, and that also would probably break update scripts. If you mean SHA1 the MD5 hash itself, I'm not sure what that would accomplish.. the user would then have to enter the MD5 hash in order to log in to EE then, would they not?

Could I simply add an extra line into that if statement to re-encode the base $password (I assume this is the plaintext one it discards) into SHA1 and place it in another variable, then simply call that variable when I need it?

As for the datamanagers, if they're only used for putting data *into* vB, then perhaps they may come in handy when I do the reverse from EE, although is this required? With phpBB, all I needed to do was plug in a few 'required' database fields manually and I had a fully active user.

As an aside, I figured out vB has an option to force birthdays as required.. vB certainly has an exhaustive options panel compared to phpBB, I'm still not fully through that thing yet. I'm glad vB also has options for minimum username length, but there doesn't appear to be a similar one for password lengths.. the mods I've found don't seem to support the latest version.

After this, I still need to track down places where the user/admin can change their password and email.. Forgot password form, profile options, and admin panel off the top of my head - am I missing any?