The website is for sale. Check here for more information.
This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.
Manage myBB-accounts with external script?
#1
Hi everyone,

what I am trying to do is this: I have a service for which people create accounts and I want to provide a forum in which they can ask questions and give feedback. Now I would like to make it so that they automatically get an account for the forum once they register for my service and I would also like to make it so that they can only manage their account from my service resulting in them always having the same login-credentials for both.

For now I am concerned with creating an account on a myBB forum from a PHP script.
Looking through the tables myBB creates I so far have a created a method that takes the hashes password I generate using password_hash in PHP and taken the salt and hashed value from it. I inserted that together with a username and email into the mybb_users table. With that however I could not log in. After copy pasting the salt and password-hash from another user already in the table I could login. So I am guessing that I am doing something wrong with converting my hash to the one needed for myBB.

Code:
private function createForumAccount($firstName, $email, $password) {
        //Prepare entries
        $hash = substr($password, 29);
        $salt = substr($password, 7, 22);
        //Connect to forum Database
        global $fdbName;
        $fdb = new DatabaseConnector($fdbName);
        //Insert information
        $query = "INSERT INTO mybb_users (username, password, salt, email) VALUES ('$firstName', '$hash', '$salt', '$email')";
        $fdb->query($query);
    }

The password is generated using password_hash("password string", PASSWORD_BCRYPT) and $fdb is a mysqli based connection to the database of the forum. $password may look like "$2y$10$H66rqcmjTxu.rOo3JgoXq.zegE1V.yDouAqXyPu5bB25tEKShNjxO" for "12" as a password.
"$2y$10$" is the algorithm and the cost used to generate the hash.
The next 22 characters should be the salt and the last the hash.

What could I be doing wrong here?

Also:
Can I have two users in myBB with the same username? As I would like to use the first name of a user for their username.


Thanks for reading through this and for helping Angel
Reply
#2
No, you cannot have two users with the same username. Regarding the salt, check the generate_salt() function. Then check salt_password()
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
Reply
#3
(07-23-2014, 01:38 AM)Pirata Nervo Wrote: No, you cannot have two users with the same username. Regarding the salt, check the generate_salt() function. Then check salt_password()

Thanks for clearing that up.


I played around for a bit with this but couldn't get it to work properly. I could create users but they couldn't log in. Once I changed there password using the admin panel they could..
Found an outdated API for myBB that can create users which work, gonna work of of that.
Reply
#4
Just create the salt and the hashed password using the functions I posted.
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
Reply





Users browsing this thread: 1 Guest(s)

About MyBB-Plugins

Plug Yourself into the best MyBB AddOn.

Copyright © 2009-2021 MyBB-Plugins Forums.

Statistics

  • 51,000+ Posts
  • 19,000+ Members
  • 3,600+ Threads

Impressed? For sure
Check Full Stats here