I'm trying to get a demo shop working, www.dottedi.us/foxycart (aka https://dottedi.foxycart.com/cart
) with single sign on. To keep things single, eliminate variables, in foxycart administration 'STORE/advanced' I chose the customer password hash type as "MD5 Unsalted (not recommended).
Back on my demo website I set up a simple password creation mechanism for new accounts like this:
$password = addslashes($_POST["password"]);
$encrypted_password = md5($password);
$query = "insert into sp_users
( fname, lname, username, email, password )
The md5 password looks like: "05051dad8ad9ea621e2ef671c9ea18ad" and works perfectly on my website. However going through SSO once I get redirected back to foxycart to the https://dottedi.foxycart.com/checkout?fc_auth_token=
page, I enter the email address of the customer (from my website) and it foxycart indicates the account exists and opens the password field.
Logging in fails, however. I also try logging in as that customer at https://admin.foxycart.com/admin.php
and that fails too. Where is the password disconnect?