I'm creating a component for Joomla. It's integrations with popular social websites. I retrieve user information from database via given social profile. Then, I attempt to create this user login using the following code:

$fbuser = $facebook->api(
                    'access_token' => $_SESSION['active']['access_token']

            // Get a database object
            $db =& JFactory::getDBO();
            $query = "SELECT * FROM #__users WHERE email = '".$fbuser['email']."';";
            $row = $db->loadRow();

                $app = JFactory::getApplication();
                $user =& JUser::getInstance($row[0]);

                $credentials = array();
                $credentials['username'] = $user->get('username');
                $credentials['password'] = $user->get('password'); // When I change this to related users plain password then it works

            $options = array();
                $options['remember']     = true;
                $options['silent']     = true;

                $app->login($credentials, $options);
                return 'There is no account associated with facebook';

The issue is database return encoded password which does not work. After I give decoded password to $qualifications it really works. What could possibly be the problem?

One choice is to produce your personal authentication wordpress plugin (fairly simple task) that will sign in any user having a specific password known simply to your site.

You'll be able to supply that password together with known username.

With regard to security, only allow that wordpress plugin to sign in regular customers, and never admins.

You have to MD5 hash the pwd (the way in which it's saved within the DB).

do this:

$salt = '19IQYkelXrqVH1Eht6PFOIZRe5T1SQHs';
$pwd = md5_hex($pwd .  $salt) .":$salt";
$query = "select name,username,email,password from jos_users where password = $pwd;";