Welcome to WebmasterWorld Guest from

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

managing usernames sitewide with php

figuring out a way to control users on multiple applications

9:46 am on Jan 28, 2008 (gmt 0)

Junior Member

5+ Year Member

joined:Jan 15, 2008
votes: 0


I have several application on my site which include integrated Blog (Wordpress multi user) and Forum (phpbb 3). Both have great user login and administration options.
Beside these I have my own (homemade) CMS system which also allows users to register and by doing so post comments on articles or even send their own articles (depending on access level assigned).

I believe you already see my problem : ) I have (up till now) 3 different register/login options on a single site. This looks very bad and annoying. Luckily my whole websites is still in the testing phase (not online).

My header.php with login form (my own, homemade) is included sitwide, this includes blog and forum.

I'm in need of serious advice from you guys, especially if you had similar situations. I have moderate knowledge of PHP any mysql (mostly PHPmyadmin)

I noticed when I check users tables in database that both (PHPbb and Wordpress) create scrambled(hashed?) passwords. When I created my login form this was not the case.

To summarize: what would be the best practice to control all users and allow them single-sitewide login/registration option?

Thank you very much, if you need more info please ask, I'll be glad to explain everything in more detail as needed.

p.s. I believe this problem/solution resides in the domain of PHP serverside, if I'm mistaken please move the post to the appropriate subforum.

10:16 am on Jan 28, 2008 (gmt 0)

Junior Member

10+ Year Member

joined:Nov 22, 2005
votes: 0

it is not easy task but it can be done. I don't use phpBB and wordpress so I don't know how they structure their user tables.

hack wordpess login system so that wordpress will query phpBB user table during login and logout process. registration process should only happen in phpBB. means remove other registration scripts. finally it is bad practice not to hash passwords because it can easily be compromised.

2:21 pm on Jan 28, 2008 (gmt 0)


WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 24, 2001
votes: 0

Welcome to WebmasterWorld punisa,

as for the "hashed passwords", the odds are it is just done using MD5 [php.net]. You could take a look at this for some info on user management [webmasterworld.com].

as far as hacking them together

I would pick one of the systems as the 'main' one and then make all others work with it.

I would also shy away from using your own login/user mgmnt system when both of the packages mentioned can probably do it better.

You'll have to go through a chunk of queries and look at the session and what info each package needs among many other things.


Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members