Thread: User and Password synchronization
View Single Post
  #4  
Old 04-05-2012, 05:36 PM
nullified nullified is offline
 
Join Date: Mar 2005
Posts: 8
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Hello kh99, (and Zachery /edit)

thanks for your reply:

On 1: Yeah, I thought that might be as easy as that, thanks. :-)

On 2:

Yes, that wasn't very clear (and I actually made a thinking mistake that muddled it further): in essence, I was thinking about wether it would be possible to simply write md5(<md5hash>) to the password field in the database and remove the salting from verify_authentication.

Then again, a more practical option (that is, one that doesn't break a vBulletin function) should be:

When a new user is added during nightly synch:
1. Call register_addmember with md5 from synchronized file

/edit (see below)
1. Register user and generate random password
2. Read his salt
3. Read his md5 hash from the synchronized file.
4. Salt this md5hash with his salt.
5. Write this to the password field.


On nightly synchronization:
1. Read password and salt field from vB database
2. Read synchronized file and get his md5 hash from there
3. hash and salt md5 from synchronized file
4. Compare the two and replace hash in password field if they don't match.

Would that work?


/edit

Actually, I don't even need to go that far, I just had a look at the API and register_addmember actually allows you to specify plain md5 --> problem solved there. There isn't by chance a setpassword API call that accepts md5, is there? I don't really mind writing the 30k passwords every night, at least for a proof of concept. ;-)

/edit (again)
There is profile_editpassword and profile_updatepassword -- those might actually work, but I haven't found documentation on them (I just looked through the files now)
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01212 seconds
  • Memory Usage 1,765KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete