CODEWITHSUNDEEP
phpmysqlmybb
user1973003
user1973003

Reputation: 145

the method of encryption password in mybb database

guys can someone tel me the mybb use what method to encrypt password in database? because i have problem with this code every time i use user and password (correct user and pass) i have error : "incorrect user and password"

i put for you 3part of my code that i need help on this(i think i have a problem on class Login ):

thank you for help.

class DB
{
    var $connection;
    var $started;

    function start()
    {
        global $MySQL_Host, $MySQL_User, $MySQL_Pass, $MySQL_DB;

        $this->connection = mysql_connect( $MySQL_Host, $MySQL_User,     $MySQL_Pass );
        mysql_select_db( $MySQL_DB, $this->connection );
    }

    function query( $query )
    {
        $result = mysql_query( $query, $this->connection );

        if( $result )
        {
            return mysql_fetch_full_result_array( $result );
        }
        else
        {
            return $result;
        }
    }

    function end()
    {
        mysql_close( $this->connection );
    }

    function isStarted()
    {
        return $started;
    }
}

function mysql_fetch_full_result_array( $result )
{
    $table_result = array();
    $r = 0;

    if( $result === true )
    {
        return $result;
    }

    if( mysql_num_rows( $result ) == 0 )
    {
        return $result;
    }

    while( $row = mysql_fetch_assoc( $result ) )
    {
        $arr_row = array();
        $c = 0;

        while ( $c < mysql_num_fields( $result ) )
        {       
            $col = mysql_fetch_field( $result, $c );   
            $arr_row[ $col -> name ] = $row[ $col -> name ];           
            $c++;
        }   

        $table_result[ $r ] = $arr_row;
        $r++;
    }   

    return $table_result;
}


class Login
{

    function CheckLogin( $username, $password )
    {
        $db = new DB();
        $db->start();

        $query = "SELECT uid, password, email FROM mybb_users WHERE username='".$username."' AND password='".md5(md5($salt).md5($password))."';";

        $result = $db->query( $query );

        $db->end();

        if( $result == false )
            return false;
 //             fwrite($fh, $result);
 //             fclose($fh);


        if( md5(md5($salt).md5($password)) == $result[ 0 ][ 'password' ] )
        {
            return array( 'uid' => $result[ 0 ][ 'uid' ],
                          'mail' => $result[ 0 ][ 'email' ],
                          'user' => $username
                        );
        }
    }
}

Upvotes: 0

Views: 1971

Answers (1)

DevZer0
DevZer0

Reputation: 13535

your query use $salt but i don't see it declared anywhere in the code

$query = "SELECT uid, password, email FROM mybb_users WHERE username='".$username."' AND password='".md5(md5($salt).md5($password))."';";

Upvotes: 1

Related Questions