Login Script

[Bone Head]

I posted this at Vbulletin.com and they said I should post it here

As I mentioned in the other thread we use Vbulletin as the back bone of our site as many folk do, since the upgrade to v3 we havent been able to log our users into the passworded areas of our site because I cant get the login page working.

The login page is created with PHAkt which is a dreamweaver MX extension, lame I know but I'm still learning php :ermm:

This is the script that PHAkt creates:

Code:

<?php
//Connection statement
require_once('../Connections/Comms.php');
//Aditional Functions
require_once('../includes/functions.inc.php');
// *** Start the session
session_start();
// *** Validate request to log in to this site.
$KT_LoginAction = $HTTP_SERVER_VARS["REQUEST_URI"];
if (isset($HTTP_POST_VARS["user"])) {
  $KT_valUsername = $HTTP_POST_VARS['user'];
  $KT_fldUserAuthorization = "";
  $KT_redirectLoginSuccess = "sucess.php";
  $KT_redirectLoginFailed = "failed.php";
  $KT_rsUser_Source = "SELECT username, password ";
  if ($KT_fldUserAuthorization != "") $KT_rsUser_Source .= "," . $KT_fldUserAuthorization;
  $KT_rsUser_Source .= " FROM user WHERE username='" . $KT_valUsername . "' AND password='" . $HTTP_POST_VARS['pass'] . "'";
  $KT_rsUser=$Comms->Execute($KT_rsUser_Source) or DIE($Comms->ErrorMsg());
  if (!$KT_rsUser->EOF) {
	// username and password match - this is a valid user
	$KT_Username=$KT_valUsername;
  
	KT_session_register("KT_Username");
	if ($KT_fldUserAuthorization != "") {
	  $KT_userAuth=$KT_rsUser->Fields($KT_fldUserAuthorization);
	} else {
	  $KT_userAuth="";
	}
  
	KT_session_register("KT_userAuth");
	if (isset($HTTP_GET_VARS['accessdenied']) && false) {
	  $KT_redirectLoginSuccess = $HTTP_GET_VARS['accessdenied'];
	}
	$KT_rsUser->Close();
  
	KT_session_register("KT_login_failed");
	$KT_login_failed = false;
	// Add code here if you want to do something if login succeded
KT_redir($KT_redirectLoginSuccess);
  }
  $KT_rsUser->Close();
  $KT_login_failed = true;
  
  KT_session_register("KT_login_failed");
  // Add code here if you want to do something if login fails
KT_redir($KT_redirectLoginFailed);
}
 //PHP ADODB document - made with PHAkt 2.7.3?>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<form name="form1" method="POST" action="<?php echo $KT_LoginAction?>">
Username:
<input name="user" type="text" id="user">
Password: 
<input name="pass" type="password" id="pass">
<input type="submit" name="Submit" value="Submit">
</form>
</body>
</html>

Now I realsie I have to get something like: MD5(CONCAT(MD5($HTTP_POST_VARS['pass']), salt)) in this code and I have tried doing just that but it doesnt work. I would really appreciate some help fixing this code if anyone cares to help.

Fingers crossed TIA Bone