vForums: Message Board Support - API: Password Check - View Topic

vForums Free Message Boards

Welcome Guest! Please Login or Register

vForums Support :: vForums :: Support :: API: Password Check - View Topic

Topic Rating:	Printable View

dog199200
Guest

API: Password Check (2nd Feb 10 at 5:45am UTC)
Ross, I have been trying to do an account check in my store system to verify the user make the purchase is the person logged into the account, there is one big problem I have no idea how to do a password check since you hashed the passwords this is what i am currently using: Code: Select All if($_POST['username'] != $user_info['user_name'] \|\| $_POST['password'] != $user_info['password'] \|\| !$_POST['username'] \|\| !$_POST['password']){ if($_POST['username'] != $user_info['user_name'] \|\| $_POST['password'] != $user_info['password'] \|\| !$_POST['username'] \|\| !$_POST['password']){ Only think I can think of is hashing the $_POST['password], but i honestly have no idea if they would has exactly the same. I'm assuming your using md5. So any idea on how to go about getting this done?
Back to Top - Link to Post - Last edit: by dog199200

Ross
Administrator

Posts: 3,709
Status: Offline
Gender: Male
Age: 9 ¹⁄₄
Joined:

Additional Groups:
Support Team

Reputation: 45%

pm www twitter gtalk vForum

Re: API: Password Check (2nd Feb 10 at 9:40am UTC)
Unfortunately we cannot reveal how our passwords are hashed. And may even change how it's done at some point in the future to improve security. The only way to validate the password a user provides is to run it through the login_user() function. That will post it to our server which will handle hashing it and comparing it to the password in the database.
Back to Top - Link to Post

dog199200
Guest

Re: API: Password Check (2nd Feb 10 at 10:08am UTC)
Ok i understand the security aspect, also i don't mind if it has to check the password on your end and not completely on mine which is why i tried using $user_info['password']. Anyways how would i go about running it through the login_user() function? Well the better question is, is the login_user() function an array? If it is i can can take it from there. Edit: Ok i think i figured it out, i looked over the API again and seen how it was setup, and based on what i've been before, this should work, i hope: $passval = $vf -> login_user($pass = 'pass'); Edit 2: Clearly my PHP still still need work This is what I am using and its not working, and suggestions? Code: PHP Select All `$username = $_POST['username'];` `$password = $_POST['password'];` `$vf_pass = $vf -> login_user($pass = 'pass');` `if($username != $user_info['user_name'] \|\| $password != $vf_pass \|\| !$username \|\| !$password){` $username = $_POST['username']; $password = $_POST['password']; $vf_pass = $vf -> login_user($pass = 'pass'); if($username != $user_info['user_name'] \|\| $password != $vf_pass \|\| !$username \|\| !$password){ the default username and email id's are set to user and pass so part should be fine
Back to Top - Link to Post - Last edit: by dog199200

	Printable View

All times are GMT+0 :: The current time is 2:27pm
Page generated in 0.2251 seconds

This Forum is Powered By vForums (v2.4)
Create a Forum for Free | Find Forums