MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.2 Series > MyBB 1.2 General Support > Useing MyBB with a CMS
Full Version: Useing MyBB with a CMS
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

nuweb

2006-01-05, 05:55 PM
Hello, I am a coder, and have coded many mods for a certain CMS. I am now wanting to code a forum onto the CMS. I soon got bored, as it is very chalangeing, and i became worried of security risks.

So I came here because this is my favorite forum scripting.

I allready have a USER DATABASE. I have stored user names, and userpasswords protected with MD5.

What i am wanting to do, is MANUALY add my current members to the database. Easy.

Then new members, i will insert the users information in the CMS database, and send a duplicate copy of the information to the forum software. Simple..

So i start by looking at the database information under Users. AND i get slightly confused.

in the "PASSWORD" row, the password is not encriped in MD5, SHA, or Des. (the ones i know)... What are the passwords encripted with?

Also, what are the rows "Salt" and "LoginKey" used for? ... I have no idea??

Thanks in advance, i hope to release the modifications that i do, to the other users of this CMS. So this will mean a increase in users useing this script

decswxaqz

2006-01-05, 06:11 PM
You might want to check out this thread
http://community.mybboard.net/showthread.php?tid=5727

Salt and how the passwords are encrypted are in that thread.

The loginkey is stored in a cookie on the users computer, prefixed with user_id_loginkey].

nuweb

2006-01-05, 06:23 PM
ahh, i see. Thank you very much.

For those who may need it in the future, i extracted the functions needed to generate the same type of password that is inputed to the DB:

<?

//
// Salt's $password based on $salt (expects $password to be md5'd once)
//
function salt_password($password, $salt)
{
	return md5(md5($salt).$password);
}

//
// Generates an 8 character string for the password salt
//
function generate_salt()
{
	return random_str(8);
}

//
// Generates a 50 character random login key
//
function generate_loginkey()
{
	return random_str(50);
}


//
// Generates a Random String
//
function random_str($length="8")
{
	$set = array("a","A","b","B","c","C","d","D","e","E","f","F","g","G","h","H","i","I","j","J","k","K","l","L","m","M","n","N","o","O","p","P","q","Q","r","R","s","S","t","T","u","U","v","V","w","W","x","X","y","Y","z","Z","1","2","3","4","5","6","7","8","9");
	$str;
	for($i=1;$i<=$length;$i++)
	{
		$ch = rand(0, count($set)-1);
		$str .= $set[$ch];
	}
	return $str;
}


$passfromform = "pass";

$md5password = md5($passfromform);
$salt = generate_salt();
$saltedpw = salt_password($md5password, $salt);
$loginkey = generate_loginkey();

?>

password = <? echo $passfromform; ?> <br>
md5password = <? echo $md5password; ?> <br>
Salt = <? echo $salt; ?> <br>
Salted-pw = <? echo $saltedpw; ?> <br>
LoginKey = <? echo $loginkey; ?> <br>



//Their is no trailing exit php, this was added by the forum?

nuweb

2006-01-09, 05:04 PM
GREAT
I have it all intergraated. Once someone registers on http://www.FunFarm.com

They also automaticaly register on FunFarm's Forum !! .. Great.

So i am not makeing it so the only MemberCp is on my CMS! .. I have now coded that, if they change their avator for example it changes it on the forum.

BUT!!.. Theirs a field, that get me slightly confused, which is:
avatartype

Can someone please tell me what types are allowed, and what variable is put in that field for the type

E.g.
.gif = 1
.jpg = 2

?? .. Thanks in advance!!
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.2 Series > MyBB 1.2 General Support > Useing MyBB with a CMS