How to validiate password

  • Hi,


    I'm trying to link an application to wbb3 and need to know how passwords are created in wbb3,
    I tried the following combinations but they didn't get me the correct values


    Code
    md5(user-input)
    md5(userinput . user-salt)
    md5(md5(user-input) . user-salt)


    P.S. user-input comes from my login form, and user-salt comes from wbb3 database



    Edit, I guess I found my answer. following code returned the correct value for password (for me)


    and this worked

    PHP
    if($getuser['password'] == getDoubleSaltedHash($loginpassword, $getuser['salt']))
    //$getuser['password'] is the password entered from login form

    Edited 2 times, last by esi ().

  • Hi,


    as you found out, StringUtil::getDoubleSaltedHash() is the solution. :)

    FSK 12 - Der Gute kriegt das Mädchen
    FSK 16 - Der Böse kriegt das Mädchen
    FSK 18 - Alle kriegen das Mädchen