same thing here m8spechackers wrote: i need an convertor , for changing from SMF TO PHPBB>
Help appreciated.
Code: Select all
// Figure out the password, and load the settings.
$user_settings = mysql_fetch_assoc($request);
$md5_passwrd = md5_hmac($_REQUEST['passwrd'], strtolower($user_settings['memberName']));
// Check if the account is activated
if (empty($user_settings['is_activated']))
{
$context['login_error'] = $txt['activate_not_completed1'] . ' <a href="' . $scripturl . '?action=activate;sa=resend;u=' . $user_settings['ID_MEMBER'] . '">' . $txt['activate_not_completed2'] . '</a>';
log_error($txt['activate_not_completed1'] . ' - ' . $user_settings['memberName'], false);
return;
}
// Old style encryption... now's the only time to fix it.
if ($user_settings['passwd'] == crypt($_REQUEST['passwrd'], substr($_REQUEST['passwrd'], 0, 2)) || $user_settings['passwd'] == md5($_REQUEST['passwrd']))
{
updateMemberData($user_settings['ID_MEMBER'], array('passwd' => '\'' . $md5_passwrd . '\''));
$user_settings['passwd'] = $md5_passwrd;
}
// What about if the user has come from vBulletin or Invision? Let's welcome them with open arms \o/.
elseif ($user_settings['passwordSalt'] != '' && ($user_settings['passwd'] == md5(md5($_REQUEST['passwrd']) . $user_settings['passwordSalt']) || $user_settings['passwd'] == md5(md5($user_settings['passwordSalt']) . md5($_REQUEST['passwrd']))))
{
// Get our new encryption in!
updateMemberData($user_settings['ID_MEMBER'], array('passwd' => '\'' . $md5_passwrd . '\'', 'passwordSalt' => '\'\''));
$user_settings['passwd'] = $md5_passwrd;
}
// Bad password! Thought you could fool the database?!
elseif ($user_settings['passwd'] != $md5_passwrd)
{
...Code: Select all
// MD5 Encryption used for passwords.
function md5_hmac($data, $key)
{
$key = str_pad(strlen($key) <= 64 ? $key : pack('H*', md5($key)), 64, chr(0x00));
return md5(($key ^ str_repeat(chr(0x5c), 64)) . pack('H*', md5(($key ^ str_repeat(chr(0x36), 64)). $data)));
}