Not Solved [How To?] Retrieve users password via database?
#1
Not Solved
Hey,

So I've made an application and want users to be able to sign in through their username/password from the forums. I have been able to connect to the database retrieve the username and password, however as you might or may know.. The database password is completely different from the actual users password. Obviously it won't show their real password. So, if the user wants to sign in - they have to put the big password in the database. They can't login through the password they use to sign in on the forums. 

How can I fix this?

How can I retrieve the users password so that they are able to login without me having to give them the password from the database.


Regards,
Blooberz
Reply
#2
Not Solved
In simple words: The password saved in database is MD5 hash and the original password can not be retrieved.
You need to generate the MD5 hash of the user's original password input with the salt saved in database for the user and then check if the generated hash matches with the hash saved in database password field. If it does - password input by the user is correct.
Reply
#3
Not Solved
What way would you recommend generating the md5 hash of the user's original password?
Reply
#4
Not Solved
The MyBB way.

Read the functions in inc/functions_user.php
Reply
#5
Not Solved
I think your other option is, Open MyPHP Admin, then open your current database....then select: mybb_users
here you can view all passwords by every user in your site. You can also change passwords from this section of MyPHP ADmin as well.

let me know if this help, please.
Hey man, what's up?
Reply
#6
Not Solved
(2018-12-31, 09:14 PM)Michael2014 Wrote: I think your other option is, Open MyPHP Admin, then open your current database....then select: mybb_users
here you can view all passwords by every user in your site. You can also change passwords from this section of MyPHP ADmin as well.

let me know if this help, please.

No, unfortunately not.

The passwords in the database are encrypted. Which means I have to give users the password from the database from them to be able to login.

I have to somehow generate a hash when the user inputs the password and with the salt see if they match it in the database.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)