[Koha] PHP equivalent for koha's password encryption

otuoma otuomathegreat at yahoo.com
Tue May 26 00:04:23 NZST 2015


I solved it myself after looking at this page
https://github.com/gmcharlt/vufind/commit/92e5599a1a87370a824a951a02f599821af6eeef

The code below needs some improvements but it basically works:
 <?php
    if(isset($_POST['user']) && isset($_POST['pass'])){

        $con = mysql_connect("localhost", "dbusername", "dbpass") or 
die("Could not connect: " . mysql_error());

        mysql_select_db("kohadatabasename");
        
        $userid = $_POST['user'];
        $password = $_POST['pass'];
        
        $result =  mysql_query("SELECT password FROM borrowers WHERE userid
= '{$userid}' LIMIT 1;");
        
        while ($row = mysql_fetch_array($result)) {
            
            $old_hash = rtrim(base64_encode(pack('H*', md5($password))),
'=');
            
            $new_hash = crypt($password, $row['password']);
            
            if( ($row['password'] === $old_hash) || ($row['password'] ===
$new_hash) ){
                echo "login success";
            }  else {
                echo "Failed to login...........";
            }
            
        }
        mysql_close($con);
    }else{ //
    echo "go to http://my.homepage.com";
    }





--
View this message in context: http://koha.1045719.n5.nabble.com/PHP-equivalent-for-koha-s-password-encryption-tp5841459p5841505.html
Sent from the Koha-general mailing list archive at Nabble.com.


More information about the Koha mailing list