I'm tring to use a single registration system for UBBT and PhotoPost. I have all the code in place; however, at the last minute I figured out that UBBT encrupts the password in the MySQL database (using the PHP crypt command).
So, I was wondering: Is there a way to run a verify on the password entered and the encrypted password stored in the database from a cgi script?
PicPost can interface with vB; so, does UBBT use "MD5 encruption"?
From PicPost: "vBulletin uses MD5 encryption to encrypt passwords and generate a string of characters to store in the database. When a user logs in, the password they supply is encrypted and compared to the stored encrypted string that corresponds to that username. PhotoPost works with vB's encrypted strings because Perl comes with Digest::MD5, which can duplicate the process."
I think I would prefer to do it the other way around; that is, figure out how to get the Perl script to execute a "crypt()" command to see if the password matches what is in the database.
This way I do not have issues with the 13,000+ registered users I already have.
You can do a compare on an encrypted password with something like this. $Password is the password the user typed in. $pass is the encrypted password retrieved in the database.
if (crypt($Password,$pass) != $pass) { print "Bad Password"; }
------------------- Rick Baker UBBThreads developer
Except that the compare has to be done inside the Perl script; which doesnt have a "crypt" function to call (or did I miss something?). I tried using the Crypt::DES functions, but that didnt help.
However, I did get the system working. Since I had just moved my UBB members into the UBBT database; I simply modified the UBBIMPORT script to convert the passwords to MD5 format. That converted the 13,000+ users and only lost a couple people who had signed up in the little time the baord was active.
So, now the users can move freely between the two features without having to register for two accounts or login twice.