> But how does dbmail authenticate users in the db?
It selects both the password and the encryption_type from the
database for that userid - then compares the password based on
what format it's in (encryption type) - for crypt()'d passwords
(or md5 digests), it calculates the the crypted hash with the
password provided by the user and the password retrieved from the
db as the salt. Something like
if ($db_pw == crypt($pw,$db_pw))
# valid password....
else
# fails...
Jesse
--
Jesse Norell
jesse (at) kci.net
