Index: drupalvb.inc.php
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/drupalvb/drupalvb.inc.php,v
retrieving revision 1.9.4.9
diff -u -p -r1.9.4.9 drupalvb.inc.php
--- drupalvb.inc.php	30 Apr 2008 10:25:29 -0000	1.9.4.9
+++ drupalvb.inc.php	1 May 2008 19:44:40 -0000
@@ -29,25 +29,25 @@ function drupalvb_set_login_cookies() {
   $vb_config = drupalvb_get('config');
   $vb_options = drupalvb_get('options');
 
-  $cookie_prefix = (empty($vb_config['Misc']['cookieprefix']) ? 'bb' : $vb_config['Misc']['cookieprefix']);
+  $cookie_prefix = (isset($vb_config['Misc']['cookieprefix']) ? $vb_config['Misc']['cookieprefix'] : 'bb');
   $cookie_path = $vb_options['cookiepath'];
   $cookie_domain = $vb_options['cookiedomain'];
   $now = time();
-  $expire = time() + 60 * 60 * 24 * 365;
+  $expire = $now + (@ini_get('session.cookie_lifetime') ? @ini_get('session.cookie_lifetime') : 60 * 60 * 24 * 365);
 
   // Setup user session.
   $sessionhash = md5('drupalvb'. $vbuser['userid']);
   $ip = implode('.', array_slice(explode('.', drupalvb_get_ip()), 0, 4 - $vb_options['ipcheck']));
   $idhash = md5($_SERVER['HTTP_USER_AGENT'] . $ip);
 
-  drupalvb_db_query("INSERT IGNORE INTO {session} (sessionhash, userid, host, idhash, lastactivity, location, useragent) VALUES ('%s', %d, '%s', '%s', %d, '%s', '%s')", $sessionhash, $vbuser['userid'], $_SERVER['REMOTE_ADDR'], $idhash, $now, '/forum/', $_SERVER['HTTP_USER_AGENT']);
+  drupalvb_db_query("INSERT IGNORE INTO {session} (sessionhash, userid, host, idhash, lastactivity, location, useragent, loggedin) VALUES ('%s', %d, '%s', '%s', %d, '%s', '%s', %d)", $sessionhash, $vbuser['userid'], $_SERVER['REMOTE_ADDR'], $idhash, $now, '/forum/', $_SERVER['HTTP_USER_AGENT'], 2);
 
   // Setup cookies.
   setcookie($cookie_prefix .'sessionhash', $sessionhash, $expire, $cookie_path, $cookie_domain);
   setcookie($cookie_prefix .'lastvisit', $now, $expire, $cookie_path, $cookie_domain);
   setcookie($cookie_prefix .'lastactivity', $now, $expire, $cookie_path, $cookie_domain);
   setcookie($cookie_prefix .'userid', $vbuser['userid'], $expire, $cookie_path, $cookie_domain);
-  setcookie($cookie_prefix .'password', md5($vbuser['password'] . $vbuser['salt']), $expire, $cookie_path, $cookie_domain);
+  setcookie($cookie_prefix .'password', md5(md5($vbuser['password']) . $vbuser['salt']), $expire, $cookie_path, $cookie_domain);
   return TRUE;
 }
 
@@ -58,7 +58,7 @@ function drupalvb_clear_cookies() {
   $vb_config = drupalvb_get('config');
   $vb_options = drupalvb_get('options');
 
-  $cookie_prefix = (empty($vb_config['Misc']['cookieprefix']) ? 'bb' : $vb_config['Misc']['cookieprefix']);
+  $cookie_prefix = (isset($vb_config['Misc']['cookieprefix']) ? $vb_config['Misc']['cookieprefix'] : 'bb');
   $cookie_path = $vb_options['cookiepath'];
   $cookie_domain = $vb_options['cookiedomain'];
   $expire = time() - 3600;
@@ -113,7 +113,7 @@ function drupalvb_create_user($account, 
   for ($i = 0; $i < 3; $i++) {
     $salt .= chr(rand(32, 126));
   }
-  $passhash = md5($edit['pass'] . $salt);
+  $passhash = md5(md5($edit['pass']) . $salt);
   $passdate = date('Y-m-d H:i:s', time());
   $joindate = time();
 
@@ -172,7 +172,7 @@ function drupalvb_update_user($account, 
 
       case 'pass':
         $fields[] = "password = '%s'";
-        $values[] = md5($value . $edit['salt']);
+        $values[] = md5(md5($value) . $edit['salt']);
         $fields[] = "salt = '%s'";
         $values[] = $edit['salt'];
         $fields[] = "passworddate = '%s'";