MyBB Community Forums

Hi I switched over from e107 to mybb and I run a App that my members login into to use , there login needs to match there username and password that they register at mybb forum.
can you please help me here I have tryed several things but nothing works and im not a php coder so yes Im asking you to please ( fix or rewrite the code below ) Thanks

My App Is looking for $username and $passwd

--------------------------Old Code That ( Worked ) With Old Forum e107 with just MD5-----------------------------
    
    $passhash = md5( $passwd );
      
    $authresult = mysql_query("SELECT user_name,user_password, from dbt WHERE user_name='$username' AND user_password='$passhash' ")
                                     or die('mysql error: ' . mysql_error() );

              
     // echo $passwd;
if (mysql_numrows($authresult)==0)

--------I Cant Get This To Work On new Forum mybb With MD5 And Salt------------
-------------------------------------I tryed all This----------------------------------
    $passhash = md5($passwd . $salt);
       // $passhash = md5($password . $salt);

        //$passhash = md5($passwd), $username('salt'));
        //$passhash = md5($password), $username('salt'));


        //$passhash = md5(md5($salt).md5($passwd));
       // $passhash = md5(md5($salt).md5($password));


       // $passhash = md5($salt('password'))
       // $passhash = md5($salt('passwd'))

        //$passhash = md5(md5($salt).md5($plain_pass));
      
           
    $authresult = mysql_query("SELECT username,password,salt from mybb_users WHERE username='$username' , password And salt='$passhash' ")

                                     or die('mysql error: ' . mysql_error() );
              
      echo $passwd;
if (mysql_numrows($authresult)==0)
-------------------------------------I tryed This----------------------------------

    define("IN_MYBB", 1);

if($mybb->input['action'] == "login")
{
    $authresult = $db->simple_select("users", "password, salt", "username = '" . $db->escape_string($mybb->input['username']) . "'");
    $user = $db->fetch_array($authresult);
    
    if(md5(md5($user['salt']) . md5($mybb->input['password'])) == $user['password'])
    {
              
      echo $passwd;
if (mysql_numrows($authresult)==0)

-------------------------------------I tryed This----------------------------------

function mybb_validate($passwd)
{
   
$authresult = mysql_query("SELECT username,password,salt from mybb_users WHERE username='$username' AND password,salt='$passwd' ")
                                     or die('mysql error: ' . mysql_error() );


   if($username['password'] == md5(md5($username['salt']).$passwd))
   {
      return true;
   }
   return false;
}

      echo $passwd;
if (mysql_numrows($authresult)==0)

The 1st "I tryed This" should work (except that $passwd is undefined), what exactly isnt working? Are the credentials you're entering correct?

thanks for the reply ( I AM Stupid ) i do not under stand your reply , i don't get error and my app  gives me a re login page cause it doesn't see the right username and password so i know im connecting to database and i know i have the right dbtable connection string.

and i dont know what you mean by undefine $passwd

sorry for my stupidity

---

(2016-01-30, 05:08 PM)insalted Wrote: [ -> ]thanks for the reply ( I AM Stupid ) i do not under stand your reply , i don't get error and my app  gives me a re login page cause it doesn't see the right username and password so i know im connecting to database and i know i have the right dbtable connection string.

and i dont know what you mean by undefine $passwd

sorry for my stupidity

What works right now is a temporary unsecure login (no MD5 or salt )

$authresult = mysql_query("SELECT user_name,user_password FROM user2  WHERE user_name='$username' AND user_password='$passwd' ")
         or die('mysql error: ' . mysql_error() );
              
     // echo $passwd;
if (mysql_numrows($authresult)==0)

and the first code at top with the old e107 forum with MD5 only