- else {
- list($hash, $salt) = explode(':', $dbPassword);
- $cryptpass = md5($password . $salt);
- if ($hash != $cryptpass) {
- return FALSE;
+ }
+ else {
+ //new authentication method (J2.5.18/3.2.2 and greater)
+ // Get a database object
+ $db = JFactory::getDbo();
+ $query = $db->getQuery(TRUE);
+
+ $query->select('id, password');
+ $query->from('#__users');
+ $query->where('username='.$db->quote($name));
+
+ $db->setQuery( $query );
+ $result = $db->loadObject();
+
+ if ($result) {
+ $match = JUserHelper::verifyPassword($password, $result->password, $result->id);
+
+ if ($match === TRUE) {
+ $jUser = JUser::getInstance($result->id); // Bring this in line with the rest of the system
+ $dbId = $row['id'] = $result->id;
+ $dbEmail = $row['email'] = $jUser->email;