Thanks Ray, that has been most useful, so just to be clear, this:
if (isset($_POST["submit"]) || isset($_POST["submit_x"])) {
$Authenticate = new WA_MySQLi_Auth($db);
$Authenticate->Action = "authenticate";
$Authenticate->Name = "Login";
$Authenticate->Table = "admins";
$Authenticate->addFilter("username", "=", "s", "".((isset($_POST["username"]))?$_POST["username"]:"") ."");
$Authenticate->addFilter("password", "=", "s", "".((isset($_POST["password"]))?$_POST["password"]:"") ."");
$Authenticate->storeResult("username", "userName");
$Authenticate->storeResult("superuser", "superUser");
$Authenticate->AutoReturn = false;
$SuccessRedirect = "/success/";
$FailedRedirect = "/failed/";
if (function_exists("rel2abs")) $SuccessRedirect = $SuccessRedirect?rel2abs($SuccessRedirect,dirname(__FILE__)):"";
if (function_exists("rel2abs")) $FailedRedirect = $FailedRedirect?rel2abs($FailedRedirect,dirname(__FILE__)):"";
$Authenticate->SuccessRedirect = $SuccessRedirect;
$Authenticate->FailRedirect = $FailedRedirect;
$Authenticate->execute();
}
would then become:
if (isset($_SESSION['auth_trigger']) && ($_SESSION['auth_trigger'] = "passed")) {
$Authenticate = new WA_MySQLi_Auth($db);
$Authenticate->Action = "authenticate";
$Authenticate->Name = "Login";
$Authenticate->Table = "admins";
$Authenticate->addFilter("username", "=", "s", "".((isset($_POST["username"]))?$_POST["username"]:"") ."");
$Authenticate->storeResult("username", "userName");
$Authenticate->storeResult("superuser", "superUser");
$Authenticate->AutoReturn = false;
$SuccessRedirect = "/success/";
$FailedRedirect = "/failed/";
if (function_exists("rel2abs")) $SuccessRedirect = $SuccessRedirect?rel2abs($SuccessRedirect,dirname(__FILE__)):"";
if (function_exists("rel2abs")) $FailedRedirect = $FailedRedirect?rel2abs($FailedRedirect,dirname(__FILE__)):"";
$Authenticate->SuccessRedirect = $SuccessRedirect;
$Authenticate->FailRedirect = $FailedRedirect;
$Authenticate->execute();
}
Hopefully this will help some others in adding hashed and salted passwords to webassist's login functionality.