Integrating another php script to use phpbb's users

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Suggested Hosts
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Locked
ModemGuru
Registered User
Posts: 24
Joined: Wed Oct 13, 2004 5:40 pm

Integrating another php script to use phpbb's users

Post by ModemGuru » Thu Apr 24, 2008 11:58 pm

I am using a php script called WSNLinks that utilizes my username/password database from phpbb2. It is very easy to set up the integration, but I'm having difficulty integrating it with phpbb3. It is all done via the admin interface and as I don't really know php/mysql (can edit and fumble about, but not much further) I'm having some trouble.

When integrating I am presented with:

Code: Select all

Are passwords encoded in a manner other than the password encoding type you've selected in your settings?

If you answered yes to the above question, type the method for transforming an input of $userpassword into an encoded $password. This can be made complex if necessary, but here's a simple example:
$password = base64encode($userpassword);
Can anyone help me figure out what I would need to input in order to send the proper hash value to the login script in order to authenticate? (ie: How do I encode $userpassword into phpbb3's $password?)

Thank you for any assistance you can provide,
Brad

User avatar
Noxwizard
Support Team Leader
Support Team Leader
Posts: 10347
Joined: Mon Jun 27, 2005 8:41 pm
Location: Texas, USA
Name: Patrick Webster
Contact:

Re: Integrating another php script to use phpbb's users

Post by Noxwizard » Fri Apr 25, 2008 12:56 am

phpBB uses its own hashing function for this, phpbb_hash() from includes/functions.php.
[Support Template] - [Read Before Posting] - [phpBB Knowledge Base]
Do not contact me for private support, please share the question in our forums.

ModemGuru
Registered User
Posts: 24
Joined: Wed Oct 13, 2004 5:40 pm

Re: Integrating another php script to use phpbb's users

Post by ModemGuru » Fri Apr 25, 2008 1:59 pm

Noxwizard wrote:phpBB uses its own hashing function for this, phpbb_hash() from includes/functions.php.
Right, I see there is a phpbb_hash, phpbb_check_hash, _hash_gensalt_private, _hash_encode64, and _hash_crypt_private, but looking over that information I'm just not sure how to get from point A (user entered password $userpassword) to point B ($password to check against hashed value). It probably isn't terribly difficult for someone fluent in php, but unfortunately that I am not.

User avatar
Noxwizard
Support Team Leader
Support Team Leader
Posts: 10347
Joined: Mon Jun 27, 2005 8:41 pm
Location: Texas, USA
Name: Patrick Webster
Contact:

Re: Integrating another php script to use phpbb's users

Post by Noxwizard » Fri Apr 25, 2008 5:20 pm

Here's an example of checking an entered password:

Code: Select all

    define('IN_PHPBB', true);
    $phpbb_root_path = './';
    $phpEx = substr(strrchr(__FILE__, '.'), 1);
    include($phpbb_root_path . 'common.' . $phpEx);

    //Look up the hashed password
    $sql = 'SELECT user_password
        FROM ' . USERS_TABLE . "
        WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);
    
    //If we found the user and its password, compare the passwords
    if($row)
    {
        if(phpbb_check_hash($password, $row['user_password']))
        {
            echo "Password Match!";
        }
        else
        {
            echo "Password Mis-match!";
        }
    }
    else
    {
        echo "User not found!";
    }

}
 
[Support Template] - [Read Before Posting] - [phpBB Knowledge Base]
Do not contact me for private support, please share the question in our forums.

ModemGuru
Registered User
Posts: 24
Joined: Wed Oct 13, 2004 5:40 pm

Re: Integrating another php script to use phpbb's users

Post by ModemGuru » Mon Apr 28, 2008 2:31 pm

I've spoken with the script designer (for WSNLinks) and he said that there are too many conflicts to include the phpBB functions/script as a whole. He has asked me to ask if there is a way to transform the typed value into the database's user_password value without using phpBB.

Thanks,
Brad

User avatar
T0ny
Registered User
Posts: 1383
Joined: Sun Jan 29, 2006 8:42 pm
Location: Lancashire
Name: Tony

Re: Integrating another php script to use phpbb's users

Post by T0ny » Mon Apr 28, 2008 3:56 pm

You could take the functions

phpbb_check_hash()
_hash_crypt_private()
_hash_encode64()

and copy them into their own php file. That way you wouldn't have to include all of functions.php in your script

Locked

Return to “[3.0.x] Support Forum”