Oh, one more thing that just occurred to me: normally a password the user enters is hashed with a javascript function before it's sent to the server (which is why the verify_authentication() function checks for a plain text password or md5(password). If you search the templates for md5hash, you'll find where this is done.
I also just noticed that you asked for "detailed step by step instructions", and that's not what I gave you. Sorry, I guess it's a little too complicated for that (although someone else might take a shot at it).
|