MD5 Password Encryption and Special Characters

[bbonora]

So... I guess my last post wasn't "Developer" worthy and was moved to the lounge.

http://forum.cmsmadesimple.org/viewtopi ... 28&t=63048

Anyway, the SelfRegistration module along with many other modules use MD5 to encrypt passwords. In the case of the SelfRegistration module MD5 is used in combination with salt.

Normally this isn't a problem unless the user has a "$" sign in their password. MD5 doesn't interpret the "$" sign properly which will prevent user from authenticating. Most scripts, including the SelfRegistration module, take the user inputted password, encrypt it using md5 and append the salt to the end of the string. The script then compares that string to the password string stored in the database. Because the dollar sign is seen as a special character by md5 the two strings will never match resulting in a failure to authenticated or in my case verify the user.

Does anybody know of a workaround to this problem? I don't want to limit the use of special characters within passwords because many users use them. I also don't want to have to change the encryption type in FEU and SelfRegistration for obvious reason.

Any help would be greatly appreciated.

Thanks,
BB