I am developing a php application for our library and i want our patrons to login to the new app using the same credentials they use to login to koha. I've tried using the following code but it produces a different string everytime it is run. <?php echo shell_exec(perl -MKoha::AuthUtils -e 'print Koha::AuthUtils::hash_password("mystrongpassword"), "\n"'); ?> Most probably the password is salted as well and i cant figure out how. Anyone wid some ideas will be highly appreciated. -- View this message in context: http://koha.1045719.n5.nabble.com/PHP-equivalent-for-koha-s-password-encrypt... Sent from the Koha-general mailing list archive at Nabble.com.
I solved it myself after looking at this page https://github.com/gmcharlt/vufind/commit/92e5599a1a87370a824a951a02f599821a... The code below needs some improvements but it basically works: <?php if(isset($_POST['user']) && isset($_POST['pass'])){ $con = mysql_connect("localhost", "dbusername", "dbpass") or die("Could not connect: " . mysql_error()); mysql_select_db("kohadatabasename"); $userid = $_POST['user']; $password = $_POST['pass']; $result = mysql_query("SELECT password FROM borrowers WHERE userid = '{$userid}' LIMIT 1;"); while ($row = mysql_fetch_array($result)) { $old_hash = rtrim(base64_encode(pack('H*', md5($password))), '='); $new_hash = crypt($password, $row['password']); if( ($row['password'] === $old_hash) || ($row['password'] === $new_hash) ){ echo "login success"; } else { echo "Failed to login..........."; } } mysql_close($con); }else{ // echo "go to http://my.homepage.com"; } -- View this message in context: http://koha.1045719.n5.nabble.com/PHP-equivalent-for-koha-s-password-encrypt... Sent from the Koha-general mailing list archive at Nabble.com.
participants (1)
-
otuoma