|
Validating a username and password from external pages
by
26 Jan 2011
Seems like rocket science to get the proper informatiion but here is some code I whipped up this afternoon.
I needed a way for users of my site to log into my main site using their forum username and password and I thought this would help others trying to do the same.
PHP Code:
<?
$server=ENTER VBULLETIN SERVER IP HERE;
$databaseusername=ENTER VBULLETIN DATABASE USERNAME HERE;
$databasepassword=ENTER VBULLETIN DATABASE PASSWORD HERE;
$databasename=ENTER VBULLETIN DATABASE NAME HERE
$chandle =mysql_connect ($server, $databaseusername", $databasepassword);
if (!mysql_select_db($datababasename, $chandle)) die("can't select database");
$username=mysql_real_escape_string($_REQUEST['username']);
$password=mysql_real_escape_string($_REQUEST['password']);
$pass=false;
$passworderr="please enter a password";
$usernameerr="please enter a username";
if (($username<>"") && ($password<>""))
{
$sql="SELECT username,password,salt FROM `user` WHERE username='".$username."' LIMIT 0 , 1";
$sresult = mysql_query($sql);
if (!$sresult) die ("bad sql in username lookup ".$sql." ".mysql_error());
$row=mysql_fetch_array($sresult);
if (mysql_affected_rows()==1)
{
if (md5(md5($password) . $row['salt']) == $row['password'])
$pass=true;
else
$passworderr="<b>invalid password</b>";
}
else
$usernameerr="<b>username not found</b>";
}
if ($pass==true)
{?>
Thank you for logging in
<? }
else
{?>
<form type="post">
<table>
<tr>
<td align=right><? echo $usernameerr ?></td>
<td><input type=text name=username value="<?echo $username ?>" width=20></td>
</tr>
<td>
<tr>
<td align=right><? echo $passworderr ?></td>
<td><input type=password name=password value="<?echo $password ?>" width=20>
<input type=submit value="log in">
</td>
</tr>
</table>
<? }?>
|