SMF Password Encryption [Solved]

Started by GE_Strider, October 11, 2009, 06:19:55 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

GE_Strider

October 11, 2009, 06:19:55 PM Last Edit: October 19, 2009, 09:10:32 AM by GE_Strider
Hello,

I am starting a new website and have installed SMF to the server (Great forum BTW). Now, my site will have the ability to login to post comments, reviews, etc. But I don't want users to have two separate accounts for the board and site. I can connect to the database through mysql queries for the login, but I need to know how SMF encrypt it's member passwords so I can add that function to the site itself.

Arantor

#1
October 11, 2009, 06:48:16 PM
It's documented in LogInOut.php, and I'm sure this has been covered in the forum before.

$hash = sha1(strtolower($username) . $password);

Depending on what you're trying to do, including SSI.php may simplify a lot of things for you (e.g. managing logins automatically) - SSI Readme, How to use the SMF user system outside of SMF and How do I integrate SMF into my PHP coded website?
Holder of controversial views, all of which my own.

[SAP]Francis

#2
October 11, 2009, 06:52:33 PM
Quote from: Arantor on October 11, 2009, 06:48:16 PM
$hash = sha1(strtolower($username) . $password);
To be more specific if you are new with PHP, here is how it goes.

Take an username, such as HEllO.
Take a password, such as iLovePancakes.
Make the username to lowercase, being hello.
Leave the password how it is.

Now encrypt the following password with the sha1 function: helloiLovePancakes.

The password in the database table will be this one: A70AC1F04A4212FDC18C7F06DD9AAB22050943D9

As Arantor said, you could always use the Login function within the SSI method, too.

Vehicles Forum
Founded By Francis Morissette

Arantor

#3
October 11, 2009, 06:56:43 PM
Just to clarify: simply including SSI.php will actually check if the user is logged in and deal with cookies etc. Adding ssi_login will also display a login box if they're not already logged in.
Holder of controversial views, all of which my own.

[SAP]Francis

#4
October 11, 2009, 06:57:30 PM
Quote from: Arantor on October 11, 2009, 06:56:43 PM
Just to clarify: simply including SSI.php will actually check if the user is logged in and deal with cookies etc. Adding ssi_login will also display a login box if they're not already logged in.
That's what I meant, thanks Arantor. :)

Vehicles Forum
Founded By Francis Morissette

JimM

#5
October 18, 2009, 10:28:06 PM
Welcome to SMF GE_Strider

Once you get a chance to read over all the good information provided, be sure and mark the topic solved unless you need further assistance.
Jim "JimM" Moore
Former Support Specialist

Arantor

#6
October 18, 2009, 10:29:01 PM
Additionally, if you require any further support it may be worth moving this topic (or further discussions at least) to the Coding Discussion board.
Holder of controversial views, all of which my own.

GE_Strider

#7
October 19, 2009, 09:09:58 AM
Thanks guys. This information really helped.

Arantor

#8
October 19, 2009, 10:35:45 AM
Good to hear. I've marked this topic solved but if you need further help please use the 'Topic Not Solved' link.
Holder of controversial views, all of which my own.

Print
Go Up Pages1
User actions
Advertisement: