Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Validating password from a different pass table?


Colin

Recommended Posts

Hey there,

I'm trying to pull the password from a different user table. It is encrypted.

 

IE. I am trying to get a password for /catalog/login.php from a database table called extrausers instead of customers

 

Is there anyway I can do this?

thanks,

Colin

Link to comment
Share on other sites

I'm trying to pull the password from a different user table. It is encrypted.

 

Is there anyway I can do this?

There certainly is. You'll have to modify the query to pull the passsword field from the other table. This is simple.

 

Now, what was the encryption process? You might have to rewrite the actual checking code. A bit more difficult.

Christian Lescuyer

Link to comment
Share on other sites

I guess I should have been a little more straight-forward. The database is phpBB. I believe it uses MD5.

 

I modified the SQL query to pull the password from the phpBB database but I got a "User not found or password incorrect" error. Is it possible then, that I've made the SQL query incorrectly? Here is what I did:

 

- Installed phpBB in /phpBB/ Added the {U} and {L} links for phpBB so I could include the store URL correctly in the header

- Both phpBB and osC tables reside in database phpbb

- Moved osC into /phpBB/store/

- Modified line 26 in /phpBB/store/includes/database_tables.php. It now reads: define('TABLE_CUSTOMERS', 'phpbb_users');

- Replaced in /phpBB/store/login.php

// Check if email exists
   $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");

 

with

 

// Check if email exists
   $check_customer_query = tep_db_query("select user_email, user_password from " . TABLE_CUSTOMERS . " where user_email = '" . tep_db_input($email_address) . "'");

 

I didn't touch /phpBB/store/includes/functions/password_funcs.php The whole store is stock besides the two osC files modified. Basically, all I am trying to do is allow the registered user from my phpBB to 'login' over on the osC site. I will require them to update their user information at the end of the checkout process.

 

Thanks for your help,

Colin

Link to comment
Share on other sites

  • 1 month later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...