General developer forum

Hi John

I think Moodle uses MD5 encryption on the password, I've certainly pasted an MD5 password direct into the mdl_user table when I reset my password and it worked.

Just suggestions, but if you've got the user details logging into your website and they are identical to what Moodle uses then what about including an extra step in the php file that creates the user for your website, easier than trying to hack Moodle, believe me! You might need to re-encrypt the password they register with to MD5 for Moodle, but essentially

e.g.
$query=mysql_query("insert into user (<fields>) VALUES (<user details>)"); //add user to the website

$query2=mysql_query("insert into mdl_user (<fields>) VALUES (<user details>)"); //add user to moodle

assuming you're using php and mysql that is. Then you redirect the login page for moodle to an alternate login page, your website login page. That can be done through the site admin settings in Moodle.
It might not be single-sign on, but it should add the user simultaneously to both the mdl_user and user tables when they register.
If you want more flash then setup some session variables for the username and password that match Moodle's session variables you could have an effective single sign-on as the user would login to your website which would create the session variables and then because the variables are set already the user would be automatically logged into Moodle ???

Updating e-mail addresses in moodle - what about a scheduled job/cron job? It processes a php file that connects to both database tables compares mdl_user to user and updates one to the other where there is a difference, depends where they change their e-mail address of course. That cron job can then be run every so often (5 minutes, 30 minutes, on the hour etc.) even overnight if you've got a lot of users and it should mean that your e-mail addresses are up-to-date, and if they're not just wait for the next cron job execution, or manually run the cron job yourself (might be a problem if it's an overnight thing and it's checking 1000s of users).

It might not be particularly elegant and I'm sure there's better ways to handle it. But that would be my suggestion.

Your approach is wrong. One should never do integration in that way. The right way would be to store users in separate store and link both systems to that. Moodle already fully supports SSO with CAS or Shibboleth and user account sync.

http://docs.moodle.org/26/en/CAS_server_(SSO)

http://docs.moodle.org/26/en/Shibboleth

If this does not satisfy your needs a custom development would be in order but it should be handled through custom authentication plugin, not directly drilling in the database.