MyBB-Plugins Forums

Full Version: Manage myBB-accounts with external script?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi everyone,

what I am trying to do is this: I have a service for which people create accounts and I want to provide a forum in which they can ask questions and give feedback. Now I would like to make it so that they automatically get an account for the forum once they register for my service and I would also like to make it so that they can only manage their account from my service resulting in them always having the same login-credentials for both.

For now I am concerned with creating an account on a myBB forum from a PHP script.
Looking through the tables myBB creates I so far have a created a method that takes the hashes password I generate using password_hash in PHP and taken the salt and hashed value from it. I inserted that together with a username and email into the mybb_users table. With that however I could not log in. After copy pasting the salt and password-hash from another user already in the table I could login. So I am guessing that I am doing something wrong with converting my hash to the one needed for myBB.

Code:
private function createForumAccount($firstName, $email, $password) {
        //Prepare entries
        $hash = substr($password, 29);
        $salt = substr($password, 7, 22);
        //Connect to forum Database
        global $fdbName;
        $fdb = new DatabaseConnector($fdbName);
        //Insert information
        $query = "INSERT INTO mybb_users (username, password, salt, email) VALUES ('$firstName', '$hash', '$salt', '$email')";
        $fdb->query($query);
    }

The password is generated using password_hash("password string", PASSWORD_BCRYPT) and $fdb is a mysqli based connection to the database of the forum. $password may look like "$2y$10$H66rqcmjTxu.rOo3JgoXq.zegE1V.yDouAqXyPu5bB25tEKShNjxO" for "12" as a password.
"$2y$10$" is the algorithm and the cost used to generate the hash.
The next 22 characters should be the salt and the last the hash.

What could I be doing wrong here?

Also:
Can I have two users in myBB with the same username? As I would like to use the first name of a user for their username.


Thanks for reading through this and for helping Angel
No, you cannot have two users with the same username. Regarding the salt, check the generate_salt() function. Then check salt_password()
(07-23-2014, 01:38 AM)Pirata Nervo Wrote: [ -> ]No, you cannot have two users with the same username. Regarding the salt, check the generate_salt() function. Then check salt_password()

Thanks for clearing that up.


I played around for a bit with this but couldn't get it to work properly. I could create users but they couldn't log in. Once I changed there password using the admin panel they could..
Found an outdated API for myBB that can create users which work, gonna work of of that.
Just create the salt and the hashed password using the functions I posted.