The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
|||||||
|
#1
10-04-2003, 09:25 PM
|
|||
|
|||
External PRG to access VB Database
I have been working on a subscription module for VB3. It works fine for VB2. My problem is (like most) in the new dual hash/salt routines. I have figured out the dual md5 hash thanks to searching the forums, yet my troubles lay in the area of the salt routine.
My external php application has a database of its own, and when a customer registers thru this application, it creates its database tables there, and moves over to create the information in the VB3 database. I cannot figure out the salt to save my life. The password works, but if you write the info to the VB database, without the data on the salt table, theres some crazy things that happen when you try to login. (An inverted forum!!). Heres the basic shell of this function. Any help you can offer me on this would be much appreciated. Im about to use the PC as a boat anchor, and most of my hair has been pulled out over the last 4 hrs of me picking at this. Save what little bit of hair I have!! Code: function vbulletin_added($member_id, $product_id, $member){ global $db, $config, $plugin_config; $this_config = $plugin_config['protect']['vbulletin']; $vb_db = $this_config['db']; $max = vbulletin_get_max($member['data']['status']); if ($max < 0) return; foreach ($member as $k=>$v) $member[$k] = $db->escape($v); $q = $db->query("SELECT password, usergroupid FROM {$vb_db}user WHERE username='$member[login]' "); list($p,$ul) = mysql_fetch_row($q); $dat = date('M d, Y'); $pass = md5(md5($member['pass']).$salt); if (!$ul){ //user not exists $db->query($s = "INSERT INTO {$vb_db}user (usergroupid, username, password, email, joindate, daysprune, pmpopup, salt ) VALUES ($max, '$member[login]', '$pass', '$member[email]', unix_timestamp(), -1,1,'$salt' ) "); $vb_user_id = mysql_insert_id(); $db->query($s = "INSERT INTO {$vb_db}userfield (userid) VALUES ($vb_user_id) "); } else { $denied = join(',', $this_config['denied_levels']); $db->query($s = "UPDATE {$vb_db}user SET password='$pass', usergroupid=$max WHERE username='$member[login]' AND usergroupid NOT IN ($denied) "); } } In the searching that I have done here, I found the salting routine used in function.php which is: // ###################### Start makesalt ####################### // generates a totally random string of $length chars function fetch_user_salt($length = 3) { $salt = ''; for ($i = 0; $i < $length; $i++) { $salt .= chr(rand(32, 126)); } return $salt; } But I havent been able to successfully include it in my above script. Any help you can administer to this rambler would make you THE supreme one in my eyes. Thanks! 
|
«
Previous Thread
|
Next Thread
»
Threaded Mode
|
|
All times are GMT. The time now is 01:56 AM.