Get client password (API)

[m00]

I'm currently creating an external website with a login form. Now I want to check the filled in credentials using the API, but I'm not sure how I can realize this.

 

I can request the password using the getclientsdetails action, but encrypted in some way. I tried to decrypt it using the decryptpassword action, but then I just get some random characters. How can I request the client password in MD5 format (or something else), so I can check it with the filled in password on the external website?

 

Thanks!

[Matt]

Hi,

 

Have a look @ http://wiki.whmcs.com/API:Get_Clients_Password which explains the format of the password if using the MD5 option. It's standard MD5 but with a salt aswell so you just need to do the same to the entered value and then compare with the hashed password that is returned from the API.

 

Matt

[m00]

Thanks Matt! That did the trick. I just needed to RTFM. Sorry for that.

[m00]

Another issue when I use the addclient action. When I try to create a new account using the action, it creates the account, but returns the A user already exists with that email address error. Is this a bug, or am I missing something? Postfields that I'm sending are:

			"firstname" => sanitize($_POST['firstname']), 
		"lastname" => sanitize($_POST['lastname']),
		"email" => sanitize($_POST['email']),
		"address1" => sanitize($_POST['address1']),
		"address2" => sanitize($_POST['address2']),
		"city" => sanitize($_POST['city']),
		"state" => sanitize($_POST['state']),
		"postcode" => sanitize($_POST['postcode']),
		"country" => sanitize($_POST['country']),
		"phonenumber" => sanitize($_POST['phonenumber']),
		"password2" => sanitize($_POST['password2']),
		"currency" => 1,
		"noemail" => "true",

[m00]

Ignore the latest question, it was caused by a stupid scripting error.