Hi,
I try to modify the md5 external authenticationto use more secure encryption.
To do it I need to extract the salt from the original hash (in the external database) and hash the user supplied password with it, so the new and the old hash will match.
The reason is that the salt is random per user.
Anyway I modified auth\db\auth.php like this:
Bellow this:
if ($this->config->passtype === 'md5') { // Re-format password accordingly
I added this
$get_externalhash = $authdb->Execute("SELECT password FROM {$this->config->table} WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' ");
The Problem:
echo $get_externalhash returns "password xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
and of course I need just the "xxxxxxxxxxxxxxxxxxxxxxxxxx"
$extpassword = $get_externalhash($row['password']; will not work
anybody have an idea what the correct way will be in moodle?