Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 Programming Discussions
Reload this Page Login form values
FAQ Members List Calendar Search Today's Posts Mark Forums Read
  #1  
Old 01-22-2007, 01:24 AM
JMH11788 JMH11788 is offline
 
Join Date: Jan 2005
Location: Ohio
Posts: 83
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Login form values
From what I can tell when you submit your password on the login form from vbulletin it will md5 the password value right in the html form, before it gets passed to the php scripts.

Is there anyway to access the pre-md5 so I can get the plaintext value in php?

For example, to get the username submitted by the form I can use:
PHP Code:
$vbulletin->GPC['vb_login_username']; 
So I tried
PHP Code:
$vbulletin->GPC['vb_login_password']; 
but it never returns anything


Is there a way to get the plaintext password submitted?

Thank you in advance,
Jordan
Reply With Quote
  #2  
Old 01-22-2007, 06:54 PM
harmor19 harmor19 is offline
 
Join Date: Apr 2005
Posts: 1,324
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
You have to edit the form so it doesn't hash the password before it's sent.
Reply With Quote
  #3  
Old 01-22-2007, 07:03 PM
JMH11788 JMH11788 is offline
 
Join Date: Jan 2005
Location: Ohio
Posts: 83
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by harmor19 View Post
You have to edit the form so it doesn't hash the password before it's sent.
That's kinda what I figured. What exactly do I change though?

HTML Code:
		<!-- login form -->
		<form action="login.php?do=login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, $show[nopasswordempty])">
		<script type="text/javascript" src="clientscript/vbulletin_md5.js?v=$vboptions[simpleversion]"></script>
		<table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0">
		<tr>
			<td class="smallfont"><label for="navbar_username">$vbphrase[username]</label></td>
			<td><input type="text" class="bginput" style="font-size: 11px" name="vb_login_username" id="navbar_username" size="10" accesskey="u" tabindex="101" value="$vbphrase[username]" onfocus="if (this.value == '$vbphrase[username]') this.value = '';" /></td>
			<td class="smallfont" colspan="2" nowrap="nowrap"><label for="cb_cookieuser_navbar"><input type="checkbox" name="cookieuser" value="1" tabindex="103" id="cb_cookieuser_navbar" accesskey="c" />$vbphrase[remember_me]</label></td>
		</tr>
		<tr>
			<td class="smallfont"><label for="navbar_password">$vbphrase[password]</label></td>
			<td><input type="password" class="bginput" style="font-size: 11px" name="vb_login_password" id="navbar_password" size="10" tabindex="102" /></td>
			<td><input type="submit" class="button" value="$vbphrase[log_in]" tabindex="104" title="$vbphrase[enter_username_to_login_or_register]" accesskey="s" /></td>
		</tr>
		</table>
		<input type="hidden" name="s" value="$session[sessionhash]" />
		<input type="hidden" name="do" value="login" />		
		<input type="hidden" name="vb_login_md5password" />
		<input type="hidden" name="vb_login_md5password_utf" />
		</form>
		<!-- / login form -->
Can I just change
HTML Code:
onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, $show[nopasswordempty])"
to
HTML Code:
onsubmit="vb_login_password, vb_login_md5password, vb_login_md5password_utf, $show[nopasswordempty]"
would that work?
Reply With Quote
  #4  
Old 01-23-2007, 02:03 AM
harmor19 harmor19 is offline
 
Join Date: Apr 2005
Posts: 1,324
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Change
HTML Code:
onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, $show[nopasswordempty])"
To
HTML Code:
onsubmit="md5hash(vb_login_md5password, vb_login_md5password_utf, $show[nopasswordempty])"
Reply With Quote
  #5  
Old 01-23-2007, 03:02 AM
JMH11788 JMH11788 is offline
 
Join Date: Jan 2005
Location: Ohio
Posts: 83
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by harmor19 View Post
Change
HTML Code:
onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, $show[nopasswordempty])"
To
HTML Code:
onsubmit="md5hash(vb_login_md5password, vb_login_md5password_utf, $show[nopasswordempty])"
Works perfect! Thanks!
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 07:17 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07135 seconds
  • Memory Usage 2,209KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (7)bbcode_html
  • (2)bbcode_php
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (5)post_thanks_box
  • (5)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (5)post_thanks_postbit_info
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete