Hashing phpBB Passwords

At some point in the future I’ll be writing a more comprehensive article on linking external applications authentication to the phpBB user system, but in the meantime, if you just want to hash passwords or compare hashes then the following code is really useful

define('IN_PHPBB', true);
$phpbb_root_path = './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);

$password = 'password';
$hash = phpbb_hash($password);

if (phpbb_check_hash($password, $hash)) {
echo '"Hash "'.$hash.'" matches password "'.$password.'"';
}

It allows you to run a separate php file which utilises phpBB functions to hash passwords; call it from a shell script, use it to login to servers etc.

 

Possibly related articles

Comments are closed.