You are here: Dataface :: Forum

Joomla integration with xataface

A place for users and developers of the Xataface to discuss and receive support.
Post a reply

Joomla integration with xataface

Postby fantomasdm » Sat May 03, 2008 7:12 am

I need to use user authentication of joomla 1.5 table. But for check password I have to use a special algorithm (md5 + salt). Is a way to do this?
Is possible to write my check password function?
fantomasdm
 
Posts: 114
Joined: Thu Mar 13, 2008 2:35 pm
Top

Postby shannah » Sat May 03, 2008 9:01 am

You can implement the xxx__serialize() method in the delegate class to make this possible. All values are serialized before being inserted or compared in the database and this method overrides how that serialization takes place.

e.g. if the column name is 'password', the the users table delegate class would contain a method like:

Code: Select all
function password__serialize($value){
    return my_special_encryption($value);
}


Note that if you were only using MD5 (and not the combination as you describe, this could have been accomplished with the 'encryption' property in the fields.ini file.

In fact, If you wouldn't mind posting your solution for your serialize function I can add this to the next release of xataface as the 'joomla' encryption so that it will also be able to be achieved via the encryption parameter. Currently only MD5, PASSWORD, SHA1, and ENCRYPT are supported.

-Steve
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm
Top

Postby fantomasdm » Sun May 04, 2008 6:09 am

It works....but I'm not sure if it is correct....

Code: Select all
function password__serialize($password){

   $app =& Dataface_Application::getInstance();
   $query = "SELECT id, gid, block, password, usertype FROM jos_users where username='".$_POST['UserName']."'";
    $risultato = mysql_query($query,$app->db()) or die("Query fallita: " . mysql_error() );

   $linea = mysql_fetch_array($risultato, MYSQL_ASSOC);
    /* Liberazione delle risorse del risultato */
    mysql_free_result($risultato);

   $arraypass=explode(":", $linea['password']);
   $salt=$arraypass[1];
   
   $ret = md5(trim($password).$salt).":".$salt;
   return $ret;
}
   
fantomasdm
 
Posts: 114
Joined: Thu Mar 13, 2008 2:35 pm
Top

Postby shannah » Sun May 04, 2008 9:14 am

Well, this is doing a bit of extra stuff that it doesn't need to do. The __serialize method receives the password as a parameter, which you are meant to encode:

Code: Select all
function password__serialize($password){

   $arraypass=explode(":",$password);
   $salt=$arraypass[1];
   
   $ret = md5(trim($password).$salt).":".$salt;
   return $ret;
}
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm
Top

Postby fantomasdm » Mon May 05, 2008 11:58 pm

Hi, The salt is calculated on registration by an randomic algorithm on create password, so to get md5(pwd.salt) I have to read it from database.
fantomasdm
 
Posts: 114
Joined: Thu Mar 13, 2008 2:35 pm
Top
Post a reply

Return to Xataface Users

Who is online

Users browsing this forum: No registered users and 16 guests

Powered by phpBB® Forum Software © phpBB Group
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved