The Midnighter Posted December 19, 2008 Share Posted December 19, 2008 Alright, so I've got the user names, and their passwords are only encrypted with md5 ( lol ) so, what I'm trying to do, is create a 2nd website that will use the same logins as the first, I presume I can do this by simply using the login script created on the first webpage - I'm basically just asking to make sure I'm going about doing this correctly. Thanks! Quote Link to comment https://forums.phpfreaks.com/topic/137715-merging-users-from-a-mysql-database/ Share on other sites More sharing options...
premiso Posted December 19, 2008 Share Posted December 19, 2008 You would have to setup a connection to sitea's database to check it. So instead of "localhost" for the database it would be something along the lines of "mysql.yoursite.com" or "yoursiteasip" with the same DB information. If you are on a dedicated host and the sites are hosted on the same server, you should just have to specify the database username/password and database name to access it. Quote Link to comment https://forums.phpfreaks.com/topic/137715-merging-users-from-a-mysql-database/#findComment-719846 Share on other sites More sharing options...
The Midnighter Posted December 19, 2008 Author Share Posted December 19, 2008 Oh yeah, it's on the same server, same web space. Just creating a different portal, let's call it - and I want them to use the same logins as they currently have with the CMS portal. I can't believe how easy the passwords were to crack, lol md5 is so useless. So I have it right though, yeah? Quote Link to comment https://forums.phpfreaks.com/topic/137715-merging-users-from-a-mysql-database/#findComment-719863 Share on other sites More sharing options...
premiso Posted December 19, 2008 Share Posted December 19, 2008 How did you crack the md5 passwords? md5 is a 1 way hash....there is no decrypting it and if you are using a unique salt, it should be very hard to crack. But yea you can connect to sitea's database from siteb as long as siteb as sitea's information if that makes sense. The technique for md5 hashing I always use is my own function <?php define("SALT1", "someRa#$%#$^@@#$"); define("SALT2", "@#$#$%sf¿#$^@@#$"); function my_md5($string) { return md5(SALT1 . $string . SALT2); } ?> That should guarantee a unique salt, and someone would have to have both salts exactly to guess passwords etc. MD5 is not flawed, although your usage of it maybe. Quote Link to comment https://forums.phpfreaks.com/topic/137715-merging-users-from-a-mysql-database/#findComment-719873 Share on other sites More sharing options...
The Midnighter Posted December 19, 2008 Author Share Posted December 19, 2008 It's not my use, it's a CMS's use of it. And it's severely flawed, lol. And yeah, that's perfect I just had to make sure I wasn't insane, thanks a lot Quote Link to comment https://forums.phpfreaks.com/topic/137715-merging-users-from-a-mysql-database/#findComment-719881 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.