Uutiset:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu
Advertisement:

Letting members log in with SMF username/password on general website

Aloittaja Faan, maaliskuu 07, 2007, 01:00:03 IP

« edellinen - seuraava »
Tulosta
Siirry alas Sivuja1
Käyttäjän toimet

Faan

maaliskuu 07, 2007, 01:00:03 IP Viimeisin muokkaus: maaliskuu 07, 2007, 01:20:31 IP käyttäjältä Faan
I'm creating a general website with semi-CMS (admins of the forum will be able to do some changes in the general website). To avoid having the admins to remember different usernames/passwords for the forum and the general website, I would like to let them log in on the general website CMS with their forum login data.

The problem is with the password, at first I thought it was md5 encrypted, but after google searching I read MSF 1.1 uses sha1 encryption.

When I use the following code, it still doesn't work, my sha1($send_password) does not match the SMF password in the SMF database...

Anyone that can see what I'm doing wrong?

Koodi [Valitse]

    $send_username  = $_POST['send_username'];
    $send_password  = $_POST['send_password'];
    $sql            = "SELECT passwd,ID_GROUP FROM smf_members WHERE memberName='$send_username'";
    $query          = mysql_query($sql);
    if(mysql_num_rows($query)==0)
        {
        echo("<p class=\"error\">Error: {$send_username} doesn't exist...</p>\n");
        $_SESSION['loggedin']   = false;
        $_SESSION['admin']      = "0";
        }
    else
        {
        $record     = mysql_fetch_assoc($query);
        $password   = sha1($send_password);
        if($password == $record['passwd'])
            {
            echo("<p class=\"error\">{$login_succes}</p>\n");
            $_SESSION['loggedin']   = true;
            if($record['ID_GROUP']=="1")
                {
                $_SESSION['admin']      = "1";
                }
            else
                {
                $_SESSION['admin']      = "0";
                }
            }
        else
            {
            echo("<p class=\"error\">Error: password for {$send_username} incorrect ...<p>\n");
            $_SESSION['loggedin']   = false;
            $_SESSION['admin']      = "0";
            }
        }
    }

PS, I know it is possible by using ssi.php and stuff, but all I need to make work what I want (don't need all that other stuff) is how to make the given password from the form able to compare with the password of that user in the database...

Faan

#1
maaliskuu 07, 2007, 02:04:19 IP
Koodi [Valitse]
sha1(strtolower($username) . $password)

found it, thx!
Tulosta
Siirry ylös Sivuja1
Käyttäjän toimet
Advertisement: