password encryption in users table

Hi,
I recommend you to try the following.

Check off Encrypt password option in User login settingsdialog on the Securitytab in PHPRunner.

Then build the pages and open generated login.phpfile with a text editor.

Find this line there:

$strPassword=md5($strPassword);

try to replace it with:

$strPassword=sha1($strPassword);

or with:

$strPassword=strtoupper(sha1($strPassword));

Changing that code in the login.php file makes no difference. I still get 'invalid login'.
I have read in various previous posts that talk about changing the line specified.
Which is one of the reason I started a new thread regarding it.
Does version 4.2 handle sha1 password hashes?

Hi,
We don't plan to add sha1 feature.

You can easily implement it in generated files as I showed you before.
I suppose punBB uses more complex password encryption scheme than just sha1 coding.

Unfortunatelly I don't know how punBB authentication works and can not provide you more help here.

It would be a useful enhancement if you could add an option to the login config for custom code here (like the custom format code on screens and reports etc).
That would save the manual edits?

Steve,
sure, you can use BeforeLogin event to put your custom login procedure there.

It looks as though the before login event is missign a value, it needs strSQL passed in to be able to affect that?
Or am I missing something? (Probably!)

How to change HASH function in PHPRunner 5.1 ? (Can't find $strPassword=md5($strPassword); in login.php file)

Olegsg,
make sure 'Password encryption' option is turned on in PHPRunner.

Thank you, it works.