Hi,
How do I get the user's password? Like where is it stored in? And is it encrypted? How do I decrypt?
What I'm trying to do is I'm trying to create a simple shop where I can detect the Points user has and can exchange it for items... But I have to make sure that their password is correct. So how do I decrypt the password stored in database?
Thanks!
You can't view your user's passwords.
So how can I do this shop thing? I need to verify that they are who they are...
or is there anyway to verify what the user inputted as password against the password stored in database without me knowing it?
Like is there a variable $usr_password so I can compare $usr_input with $usr_password?
If match, then I know it's the same user?
MD5 is not decryptable especially when it is salted. The best way to do this would probably be to make them enter a new password.
Here's what I'm trying to do. People have Points associated to their forums account. They can use that points to trade for items in item shop. Obviously if no password is checked, anybody can claim to be the highest points member... So how do I check if they are who they are?
Is there php sessions that I can check? They can login on forums first, then verify the session?
Sessions are created in global.php:
// Create session for this user
require_once MYBB_ROOT."inc/class_session.php";
$session = new session;
$session->init();
$mybb->session = &$session;
All the functions for logging in and checking a password would be in member.php.
What point system are you using?