D¡cky wrote: Edit: I am having server problems at the moment. Should be backup in a day or so.
marsh lagoon wrote:D¡cky wrote:Edit: I am having server problems at the moment. Should be backup in a day or so.
I'm interested in giving this one a try. Please let us know when you have your server problems squared away.
moitio wrote: I did it on the most recent version of punbb. My biggest complaints are some of the table name entry thingys weren't defined, and the code rehashed all the passwords. Also it got the status column wrong. If you don't mind I'll rework the code so it works for Punbb 1.2.5 and I'll send you the code.
Thanks, Moitio
Code: Select all
$username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
Code: Select all
//*** start punnbb to phpbb password converter ***
//this extra bit of code checks if the pass is from punnbb then
//updates the password to something phpbb would understand. there
//are other ways to do this but i believe that this requires the least
//amount of editing (and understanding) of phpbbs original code. ;')
$sql = "SELECT user_id, username, user_password FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\\'", "''", $username) . "'";
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql); }
//lets just make sure the user exists
if ( mysql_num_rows( $result ) == 1 )
{
//users exists so lets grab their info
if( $row = $db->sql_fetchrow($result) )
{
//if a sha1 encryption is equal to the pass in the database then its left over from punbb
//also its only 32 chars long since they were trunkated in the dump
if ( substr( sha1( $HTTP_POST_VARS['password'] ), 0, 32) == substr( $row['user_password'], 0, 32) )
{
//take the subbed pass and put a md5 encryption on it and insert it into the database
$sql = "UPDATE phpbb_users SET user_password = '" . md5( $HTTP_POST_VARS['password'] ) . "' WHERE user_id = '" . $row['user_id'] . "'";
if (@mysql_query($sql)) { /*the pass was updated to md5!!!*/ }
else { echo("Password Error: " . mysql_error() . "<br>Please contact your board admin immediatly."); }
}
}
}
//were updating the database password (if neccessary) before phpbb has a
//chance to check it. the rest of the code should just run as if normally.
//coded by: sporkit @ www.sporkit.com © 2005
//*** end punnbb to phpbb password converter ***
Code: Select all
#
#-----[ OPEN ]------------------------------------------
#
login.php
#
#-----[ FIND ]------------------------------------------
#
$username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
#
#-----[ AFTER,ADD ]------------------------------------------
#
//*** start punnbb to phpbb password converter ***
//this extra bit of code checks if the pass is from punbb then
//updates the password to something phpbb would understand. There
//are other ways to do this but i believe that this requires the least
//amount of editing (and understanding) of phpbbs original code. ;')
$sql = "SELECT user_id, username, user_password FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\\'", "''", $username) . "'";
if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql); }
//lets just make sure the user exists
$count = $db->sql_numrows($result);
if ( $count == 1 )
{
//users exists so lets grab their info
if( $row = $db->sql_fetchrow($result) )
{
//if a sha1 encryption is equal to the pass in the database then its left over from punbb
//also its only 32 chars long since they were truncated in the dump
if ( substr( sha1( $HTTP_POST_VARS['password'] ), 0, 32) == substr( $row['user_password'], 0, 32) )
{
//take the subbed pass and put a md5 encryption on it and insert it into the database
$sql = "UPDATE phpbb_users SET user_password = '" . md5( $HTTP_POST_VARS['password'] ) . "' WHERE user_id = '" . $row['user_id'] . "'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Password Error:<br />Please contact your board administrator immediately.', '', __LINE__, __FILE__, $sql);
}
}
}
}
//we are updating the database password (if neccessary) before phpbb has a
//chance to check it. the rest of the code should just run as if normally.
//coded by: sporkit @ www.sporkit.com © 2005
//*** end punnbb to phpbb password converter ***
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM