if ($user_settings[’‘passwd’’] != $sha_passwd) { //handle bad password }
else
{ //handle correct password }
so it seems as the username is put in front of the password and then a sha1 is calculated from all of it. oh yeah and there is a column named “passwordSalt” in the database.
My biggest problem is not my laziness … but my lack of java-knowledge
if you have much more PHP knowledge you could modify the scripts (registration + change password) to store the username and md5 password also in another table and write one to fill it using the existing data. This one could be used by Openfire without problems.
Having the username and password two times in the same database if of course not a very good solution but probably faster to implement than modifying the existing auth. provider.
I wonder if you have no school or university around, even a non-professional should get this done. On the other hand it’'s never a fault to have at least very basic PHP and Java knowledge to do such things by oneself.
To “activate” it with current members, ask them to change their password in Profile (no need to actually change the password though, they can just enter their current password as the New Password in Profile).