vb.org Archive - View Single Post - md5 password authentication on non-vb pages.

Aceman · #5 04-30-2004, 02:28 AM

A friend of mine who's a PHP GOD.. helped me figure this one out. Daneel.. you da man!

You can use the following code to accept a username and password from a form and then compare it to what's stored in the VB3 Database. NOTE This takes into account the md5 and salt encryption. It works perfectly for me.

Code:

// hostname or ip of server
	$servername='localhost';

	// username and password to log onto db server
	$dbusername='?????????';
	$dbpassword='?????????';

	// name of database ($dbname2 is my VB3 database)
	$dbname='MY_contest';
	$dbname2='MY_forum';

	/* Connecting, selecting database */
	$link = mysql_connect($servername, $dbusername, $dbpassword)
		or die("Could not connect");
	print "Connected successfully<br><br>";
	mysql_select_db($dbname2) or die("Could not select database");

	/* Necessary fields filled? */
	if (!$username || !$password || !$name || !$country || !$email || !$picture || !$stats)
		die("Fill in all necessary fields.");


	/* password correct? */
	$query = "SELECT salt, password FROM user WHERE username='$username'"; 
	$result = mysql_query($query) or die("The information you entered does not match our records.");
	$row=mysql_fetch_array($result);

	$dbpassword = $row['password'];
	$salt = $row['salt'];	

	if ($dbpassword == md5(md5($password). $salt)) {
		print "Password correct<br><br>";
	}
	else {
		die("password not correct!");
	}

Then just place the rest of whatever you need your page to do after the password comparison.

I honestly have yet to find this code posted anywhere on VB.org and VB.com so I hope this helps someone!

Aceman

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.02158 seconds Memory Usage 1,767KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: