Create users in an alternate database

vbtrek · Post by **vbtrek** » Mon Apr 28, 2008 3:14 pm

Can anyone point me in the right direction, when a user registers on our forum, i'd like to write the username and unencrypted password to another database on the same server as our forum.

We use a SQL2005 database for both databases, and phpbb 2.0.19.

I would have used a SQL trigger but we need the password before it's encrypted in the users table.

Any help would be much appreciated.

drathbun · Post by **drathbun** » Mon Apr 28, 2008 5:43 pm

What are you going to use the other table for?

Reason I ask is questions that relate to storing a user's password as clear text or logging them somehow are generally viewed as being less than desirable actions.

vbtrek · Post by **vbtrek** » Tue Apr 29, 2008 8:20 am

Fair point, it is for the knowledgebase software we're using (http://www.instantasp.co.uk/Products/InstantKB/) and it's really just to make life easy for our customers so they don't have to register on both the forum and knowledgebase separately. The InstantKB database stores user data in a very basic form in it's InstantKB_Users table the UserName and Password are just stored in plain text.

Thanks for the reply.

drathbun · Post by **drathbun** » Tue Apr 29, 2008 2:57 pm

One brief statement about that and then I'll give you a tip as to where to look... you really should not store passwords as clear text.

So you might want to see if there is anything that can be done about that.

If you look in includes/usercp_register.php you will find where the 3 insert statements are run that create a new user in phpBB2. You can add a fourth insert statement to create a record in your table, and the password is - at that point in the code - available as the user entered it on the form.

3Di · Post by **3Di** » Tue Apr 29, 2008 4:28 pm

vbtrek wrote:We use a SQL2005 database for both databases, and phpbb 2.0.19.

On a side note i strongly encourage you to update to the latest 2.0.23 phpBB2.