The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
|||||||
|
#1
11-22-2004, 11:57 PM
|
|||
|
|||
salt/hash passwords
i need to create a form so my members can register outside of my forums, from my site. i know how to query the database etc. in PHP, but i'm having problems with the passwords. i know the query uses MD5('pw', salt), but i need help with using the salt part of it. i need code so i can create a form asking for username and a password, after the user submits it, it will search for the username and password they entered...however, the salt function is confusing to me. how do i set up the function to do this? i'm looked at the login.php, but its so huge i dont know where to start to be honest...i only need the part to find a record based on the password. any script or info on this would be helpful, thanks.
|
|
#2
11-23-2004, 12:16 AM
|
||||
|
||||
|
Quote:
md5(md5('password' . 'salt')) 
|
|
#3
11-23-2004, 02:01 AM
|
|||
|
|||
|
okay, well i've got that far, now answer this question for me....
i register as username 'test', and the pw is 'test' as well. Then I look in the database and get this: password: 1b413dc15691f817a4891ea48b2c0ef0 salt:%eX Then I delete the test user, and re-register a user under the SAME user and pw (test). now the database reads... cdf189fe40f9d20a8194de2a2e74ec02 salt: Y"+ So my question is, why is it different everytime. when i use that line you gave me, it gives the same MD5 encryption but is not calling the salt. is there some function i should be calling in my script, like a salt function? I think the salt field is what causes this, but how does the script know what is in the 'salt' field? should i be calling these varibles with a query or something? this is really getting confusing.
|
|
#4
11-23-2004, 02:07 AM
|
||||
|
||||
|
Quote:
|
|
#5
11-23-2004, 07:42 PM
|
|||
|
|||
|
o ok, i figured something like that. i've been programming in PHP for about 6 months...i can do queries and stuff like that, simple things i guess. anyway, does anyone out there know how i can go about calling this function and producing the query. i basically want registered members to enter a username and password on the form i give, which goes to a PHP file for processing. the file will check to see if the username and password they entered in the form matches in the vb3_user table. prior to this i used $PHP_AUTH_ACCESS to do this, however, my members had to register for both my site and forums....i'd like to just authorize them with thier forum information. tips on doing this would be great, some scripting advice and/or code would be even better. thanks guys.
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 12:49 PM.