I am trying to have a site-login for moderators and administrators.
How exactly would i compare the password to the one in the database, i have checked and it uses a salt with a md5 password i think , how would i go about it?
$username = 'Username';
$plaintext_password = 'mypassword';
$query = mysql_query("SELECT uid,username,salt,password FROM mybb_users WHERE username='".mysql_real_escape_string($username)."'");
$user = mysql_fetch_array($query);
if(!$user['uid'])
{
// invalid user
}
else
{
if(md5(md5($user['salt']).md5($plaintext_password)) == $user['password'])
{
// valid user
}
else
{
// invalid password
}
}
Awesome thanks for that will give it a go in a second.
How about finding out if the forum cookie is set, so i can keep them logged in on the actual website too?
Thanks dude!
Have you considered including MyBB's global.php? That would automatically handle the sessions so you can use $mybb->user['uid'] to check the user.
How would i go about doing that?