Sharing login and password for personal project with osCommerce store

I'm integrating an application with the osCommerce shopping cart and want users to be able to log into the app with the same account details they do with osCommerce.开发者_如何转开发

Everything works fine but I got stuck on the user login system. I need to know how to check against a user entered password in my application against the osCommerce user's credentials. They're using a combination of MD5 and salt for generating the password.

How can I use that method to check my user's password?

To check against the password saved in osCommerce, just use the osCommerce function that checks the attempt against the one stored in the database. You'll find this function in the following:

catalog/includes/functions/password_funcs.php

////
// This funstion validates a plain text password with an encrpyted password
function tep_validate_password($plain, $encrypted) {
  if (tep_not_null($plain) && tep_not_null($encrypted)) {
    // split apart the hash / salt
    $stack = explode(':', $encrypted);  

    if (sizeof($stack) != 2) return false;

    if (md5($stack[1] . $plain) == $stack[0]) {
      return true;
    }
  }
  return false;
}

So all you need to do is extract the password column from the customers table, based on their entered email address, and compare.

tep_validate_password(password_attempt, password_from_osC)

If you're just going to include it, make sure you also include the catalog/includes/functions/general.php file since that's where the tep_not_null function is defined.