In my iOS app I am trying to allow users to log in to the store with their current user info that is already in the OpenCart system. If I understand correctly, the passwords are encrypted using MD5. When I encrypt the password from the app it doesn't match what is stored in the database. Any suggestions on why this may be? And any suggestions on how to solve it? This is the first time I have ever done anything of this sort.
According to the user model of OpenCart, password encryption is a bit more complex than just MD5:
public function addUser($data) {
    $this->db->query("INSERT INTO `" . DB_PREFIX . "user` SET"
        . " username = '" . $this->db->escape($data['username']) . "',"
        . " salt = '" . $this->db->escape($salt = substr(md5(uniqid(rand(), true)), 0, 9)) . "',"
        . " password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($data['password'])))) . "',"
        . " firstname = '" . $this->db->escape($data['firstname']) . "',"
        . " lastname = '" . $this->db->escape($data['lastname']) . "',"
        . " email = '" . $this->db->escape($data['email']) . "',"
        . " user_group_id = '" . (int)$data['user_group_id'] . "',"
        . " status = '" . (int)$data['status'] . "',"
        . " date_added = NOW()");
}
So first you generate the salt like this:
$salt = substr(md5(uniqid(rand(), true)), 0, 9);
Then you encrypt the password:
$password = sha1($salt . sha1($salt . sha1($data['password'])));
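The salted SHA-1 chain from the answer above, reproduced outside PHP as an added example (not part of the original answer and not OpenCart's own code). The function names are hypothetical, passwords are assumed to be UTF-8, and the sample salt and password are constructed; the last function shows the usual porting mistake that makes a recomputed hash differ from the stored one.

```python
import hashlib
import hmac
import secrets


def sha1_hex(text: str) -> str:
    """Like PHP sha1($text): lowercase hex digest (assumes UTF-8 input)."""
    return hashlib.sha1(text.encode("utf-8")).hexdigest()


def opencart_hash(password: str, salt: str) -> str:
    """sha1($salt . sha1($salt . sha1($password))) from addUser() above."""
    # Every stage concatenates the 40-char hex string, not the raw 20 bytes.
    inner = sha1_hex(password)
    middle = sha1_hex(salt + inner)
    return sha1_hex(salt + middle)


def new_salt() -> str:
    """9 hex chars, the same shape as substr(md5(...), 0, 9) in addUser()."""
    # Assumption: taken from the OS CSPRNG instead of uniqid()/rand().
    return secrets.token_hex(5)[:9]


def verify(password: str, salt: str, stored_hash: str) -> bool:
    """Recompute with the salt column of the user's row; constant-time compare."""
    candidate = opencart_hash(password, salt).encode("ascii")
    expected = stored_hash.strip().lower().encode("utf-8")
    return hmac.compare_digest(candidate, expected)


def raw_bytes_variant(password: str, salt: str) -> str:
    """Porting mistake: chaining raw digests; never matches the stored value."""
    s = salt.encode("utf-8")
    inner = hashlib.sha1(password.encode("utf-8")).digest()
    middle = hashlib.sha1(s + inner).digest()
    return hashlib.sha1(s + middle).hexdigest()


if __name__ == "__main__":
    salt = "a1b2c3d4e"                             # constructed sample salt
    stored = opencart_hash("correct horse", salt)  # constructed sample row
    print(verify("correct horse", salt, stored))
    print(verify("wrong guess", salt, stored))
    print(raw_bytes_variant("correct horse", salt) == stored)
```

The comparison needs the per-user `salt` and `password` columns, so it is meant to run where those values already live rather than being shipped to the client.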