0

Hey all,

Been trying to work this out. But I'm stumped!

Got a database running on Moodle. Want to create an external script which uses the usernames and passwords from the table moodle_user and the db Profiled_Moodle.

Here is my page so far:

<?php include 'header/config.php';?>
<div id="Container">
        <?php
     if ($_POST['submit']) {

        //your dbname
        mysqli_select_db($con,'moodle_user') or die(mysql_error()); 

        $salt = '7(}AouN0sysQF#{]s@[F]Y~b]5E'; //change with your salt
        $password = md5($_POST['password'] . $salt);

    $username = $_POST['username'];


        $query = "SELECT * FROM moodle_user WHERE username = '{$_POST['username']}' AND password = '$password'";

        $result = mysql_query($query) or die(mysql_error());

        echo '<pre>' . $username ;

        while ($row = mysql_fetch_assoc($result)) {
            print_r($row);
            echo 'logged in as:' . $username;
        } 
    } else {
        echo "Not logged in";
    }
    ?>

The reason I have that salt is because in moodle config.php I have that set.

$CFG->passwordsaltmain = '7(}AouN0sysQF#{]s@[F]Y~b]5E';

When I login to the form. Nothing is happening? I'm not getting an echo or print

Thanks guys

5
Contributors
10
Replies
59
Views
4 Years
Discussion Span
Last Post by bradly.spicer
Featured Replies
  • Change following things mysql_query($query) to mysqli_query($con, $query) and mysql_fetch_assoc($result) to mysqli_fetch_assoc($result) Read More

0

Start with adding lots of echos....

e.g. between line 3 and 4 add echo '1';
after your $_POST check line add echo '2';

if they don't show up add a die after them... echo '1';die;

if it doesn't show up check config.php

0

I don't really see that being the logical solution paul, thanks

Edited by bradly.spicer

1

Change following things

mysql_query($query)

to

mysqli_query($con, $query)

and

mysql_fetch_assoc($result)

to

mysqli_fetch_assoc($result)
0

Hey Paul, The solution above yours was the key. It's a mistake I make way tooooo much.

Thanks to code rum.

Don't suppose you could help me with this. Once I click login. It says

Access denied for user 'profiled_Moodle'@'localhost' to database 'moodle_user'

Which should be correct because it is using the EXACT same details the moodle config uses.

0

mySQL admin> user administration or privileges
Add privileges to profiled_Moodle
May be this should work

0

Hi Diafol, I'm trying to make a system where it takes all the information for users etc in moodle and allows me to construct a site where permissions which are on Moodle work on this site etc.

E.g

User 1 can access course 1 and 2 on Moodle.

User 1 can then access course 1 and 2 on the submission site (The one i'm making) and fill out a table which they can tick (Like a grading system). Which will then send information to the database saying wether it is completed, being reviewed or pending.

at the moment, I'm just trying to make it so they can login to the site using the moodle details.

The Moodle is one we own, and is hosted on our web server.

0

If the two sites are on different servers, then the user profiled_Moodle may not have privilige to be used (as code_rum suggested). That user probably has access only to localhost to avoid tampering, meaning you cannot use that one from outside the server. You should create a new user which has privilige to access the database from a specific IP, and has few rights, preferably SELECT only on the tables you actually need.

0

Hey pritaeas, got it to work, I was calling a table when I should have been calling the Database. It's now printing out all of the information in an array.

I suppose I have to try and get Sessions working now and trying to detect whether or not someone has access to view certain pages haha.

Thanks Prit,

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.