Basically I just did a query to see if the user exists with the
encrypted password.
$res = $db->query("SELECT password FROM users where
username='$username' and password=password('$password') ");
$row = $db->fetchObject( $res );
$newPass = $row->{'password'};
if we get something back we authed, otherwise we didnt.
Good luck!
Thanks
Darren
On Thu, Aug 27, 2009 at 7:46 AM, Platonides<Platonides(a)gmail.com> wrote:
Happy-melon wrote:
"Darren Kemp"
<darrenkemp(a)gmail.com> wrote in message
news:1d83a8940908261052h7feedb1fi5d841db6f99a39a7@mail.gmail.com...
I have solved this issue. Thanks to those who
read and offered advice.
Using the method Michael Daly suggested? I know for a fact that I'm going
to have to do this on a new project of mine in the next few weeks, it would
be nice to have an idea of how to proceed.
--HM
I wouldn't perform an extra query just to encode the password.
MysqlAuthPlugin::authenticate($username, $password) {
/**connect to mysql table */
mysql_query("SELECT host FROM user WHERE user='$username' AND
password=PASSWORD('$password')"); //Need to be mysql_escaped for any
real use
/* Iterate checking that at least one host matches the user one
Or simply check that some row was returned, in which case
you can add a LIMIT 1.
*/
}
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
--
Darren Kemp - XGS
darrenkemp(a)gmail.com
http://world.anarchy.com/~dkemp