kjtocool Posted April 25, 2008 Share Posted April 25, 2008 So I make everyone on my site register with my phpbb 3.0.1 forum to use various main site features, and I had been querying the phpbb database to find out the username/password of the user. It seems the password hash has changed from MD5 between 3.0 RC5 and 3.0.1, and now all my php login scripts are busted. Can anyone tell me what the new hash is and how I should modify my code to fix it? The only really relevant code is: <?php $passwordHash = md5($_POST['user_password']); ?> Link to comment https://forums.phpfreaks.com/topic/102890-solved-phpbb-301-password-hash-not-md5/ Share on other sites More sharing options...
kjtocool Posted April 25, 2008 Author Share Posted April 25, 2008 Frickin phpbb I now have to add about 100 lines of code, modify the query to retrieve the hashed password, then send the hashed password and the users password through 4 functions to find out if they match. Really? MD5 wasn't safe enough? Sigh, going from one line to 150 is never fun. Link to comment https://forums.phpfreaks.com/topic/102890-solved-phpbb-301-password-hash-not-md5/#findComment-527086 Share on other sites More sharing options...
TEENFRONT Posted April 25, 2008 Share Posted April 25, 2008 md5 is pretty old and i usually use a few different methods to secure the passwords including md5(). Link to comment https://forums.phpfreaks.com/topic/102890-solved-phpbb-301-password-hash-not-md5/#findComment-527107 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.