1 Reply by ephelia

(5 replies, posted in PunBB 1.3 additions)

Yeah but I really don't want to use some php pages. I juste want to use the database.

I think to authentify the users, some informations are hashed with sha1 (or anything else) and then, we get a hashed string.
Finally, we just need to compare it to the hashed string in the "password" field of the DB.
If the hashed string match, the user is authentified, else, the user isn't authentified.

So my problem is, I don't know which value I need to hash to be able to compare it to the DB value.

I'm not sure to have explained correctly my problem '^^
So please, excuse me smile

Go to forum: PunBB 1.3 additions

2 Reply by ephelia

(5 replies, posted in PunBB 1.3 additions)

I found this in the code :

sha1($forum_user['salt'].$forum_user['password'].forum_hash(intval($cookie['expiration_time']), $forum_user['salt']))

I know that :

$forum_user['salt'] is the "salt" in the database
$forum_user['password'] is the password that enter the user when he's logging in

But this line is not very clear :

forum_hash(intval($cookie['expiration_time']), $forum_user['salt'])

I don't know why there is a cookie... I don't understand the utility of this...

Go to forum: PunBB 1.3 additions

3 Topic by ephelia

(5 replies, posted in PunBB 1.3 additions)

Hello,

I'm making a little webchat on another website, and I would that users can log in with the same user and login as the forum.
I know that in the DB, there is a password hashed and a salt.
But I really don't know how to verify if the password that enter the user match to the password in the DB.

If anybody can help me, I'll be very happy tongue

Thanks, Ephelia

Go to forum: PunBB 1.3 additions