MyBB Community Forums

MyBB Community Forums > Resources > Third Party Integration > Login Script. Please Help.
Full Version: Login Script. Please Help.
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

legobear154

2011-04-28, 12:25 AM
OK, I have no idea how to do this. I am trying to make a script that I can use to return whether the username a password supplied is correct. So a login script. Here is what I have.
<?php
$dbhost = 'localhost';
$dbuser = 'username';
$dbpass = 'password';
$tbl_name = 'tablename';

$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql');
mysql_select_db('database')or die('cannot select DB');

        $user = $_GET['user'];
        $pass = $_GET['pass'];
				$query = "SELECT salt FROM $tbl_name WHERE username='$user'"; 
				$result = mysql_query($query) or die ('salt query failed');
				$row = mysql_fetch_assoc($result);
				$saltedpw = md5(md5($salted).md5($mypassword));
				md5(md5($salt).md5($pass));
				$sql="SELECT * FROM $tbl_name WHERE username='$user' and password='$saltedpw'";
				$result=mysql_query($sql);

				// Mysql_num_row is counting table row
				$count=mysql_num_rows($result);

if ($count == 1) {
	 echo "Login Successful";
}
else {
		 echo "Login Failed";
}	

?>
Any idea whats wrong? it echo's Login Failed every time.
Thanks, Legobear154

edit: I am using the newest version of mybb

seeker

2011-04-28, 04:01 AM
Hi Legobear154, Welcome to MyBB,
Unless I missed something you are SELECTing 'salt' and then not really setting the variable:

// ...
$row = mysql_fetch_assoc($result);
// Set the var ' $salt '
$salt = $row['salt'];
// Using the var ' $salt ' instead of ' $salted ' 
$saltedpw = md5(md5($salt).md5($mypassword));
// FYI: Not sure what your next line is for, $saltedpw is already set above:
// md5(md5($salt).md5($pass));

Hope that gets you closer to something that works. Let me know how it goes.

legobear154

2011-04-28, 07:33 PM
(2011-04-28, 04:01 AM)seeker Wrote: [ -> ]Hi Legobear154, Welcome to MyBB,
Unless I missed something you are SELECTing 'salt' and then not really setting the variable:

// ...
$row = mysql_fetch_assoc($result);
// Set the var ' $salt '
$salt = $row['salt'];
// Using the var ' $salt ' instead of ' $salted ' 
$saltedpw = md5(md5($salt).md5($mypassword));
// FYI: Not sure what your next line is for, $saltedpw is already set above:
// md5(md5($salt).md5($pass));

Hope that gets you closer to something that works. Let me know how it goes.

Thank you for your help, I got it working. That helped out a lot.
Thanks, Legobear154

seeker

2011-04-29, 03:28 AM
Sure, glad to hear it worked. Smile
MyBB Community Forums > Resources > Third Party Integration > Login Script. Please Help.