diff -Naur db_original/auth.php db/auth.php --- db_original/auth.php 2009-11-23 19:02:46.000000000 -0500 +++ db/auth.php 2010-02-27 11:24:46.000000000 -0500 @@ -83,15 +83,10 @@ } else { // normal case: use external db for passwords - if ($this->config->passtype === 'md5') { // Re-format password accordingly - $extpassword = md5($extpassword); - } else if ($this->config->passtype === 'sha1') { - $extpassword = sha1($extpassword); - } - - $rs = $authdb->Execute("SELECT * FROM {$this->config->table} - WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' - AND {$this->config->fieldpass} = '".$this->ext_addslashes($extpassword)."' "); + // first retrieve the password hash from the external table + $rs = $authdb->Execute("SELECT {$this->config->fieldpass} AS userpass + FROM {$this->config->table} + WHERE {$this->config->fielduser} = '".$this->ext_addslashes($extusername)."' "); if (!$rs) { $authdb->Close(); print_error('auth_dbcantconnect','auth'); 
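Review bot: The rewritten SELECT looks up the stored hash by `fielduser` alone with no uniqueness guard, so if the external table can hold more than one row for the same username, only the first row's hash is ever compared in the following hunk and the others are silently ignored. If the configured backend does not enforce uniqueness on that column, it would be safer to fail closed with something like `if ($rs->RecordCount() > 1) { $rs->Close(); $authdb->Close(); return false; }` before the EOF check. The `AS userpass` alias is consumed as `$rec->userpass` in the next hunk; a comment such as `// alias must match the $rec->userpass read below` would keep the two from drifting apart. The enclosing method starts before this hunk.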
@@ -99,15 +94,61 @@ } if (!$rs->EOF) { + $rec = rs_fetch_record($rs); + $extpasswordhash = $rec->userpass; $rs->Close(); $authdb->Close(); - return true; } else { $rs->Close(); $authdb->Close(); return false; - } + } + // Re-format password according to the pass type + if ($this->config->passtype === 'md5') { + $extpassword = md5($extpassword); + } else if ($this->config->passtype === 'sha1') { + $extpassword = sha1($extpassword); + } else if ($this->config->passtype === 'md5plussalt') { + // Logic in here from Zen Cart + // Zen Cart password looks like: hash:salt + + // See the zen_validate_password function in + // /includes/functions/password_funcs.php + // in the Zen Cart package v.1.3.8 + + // split apart the hash / salt + $stack = explode(':', $extpasswordhash); + if (sizeof($stack) != 2) return false; + $hash=$stack[0]; + $salt=$stack[1]; + + // reformat the password + $extpassword = md5($salt . $extpassword).':'.$salt; + } else if ($this->config->passtype === 'django') { + //The Django password looks like: alg$salt$hash + //Where alg is the algoritm, sha1 or md5, salt is a random salt, and the hash that is constructed + //calling a hash function to the contatenation of salt and the clear password + $stack = explode('$', $extpasswordhash); + if (sizeof($stack) != 3) return false; + $alg = $stack[0]; + $salt = $stack[1]; + $hash = $stack[2]; + // Reformat the password + if($alg=='sha1'){ + $hashed_part = sha1($salt.$extpassword); + } else if ($alg='md5') { + $hashed_part = md5($salt.$extpassword); + } + $extpassword = $alg.'$'.$salt.'$'.$hashed_part; + } + + if ($extpassword == $extpasswordhash) { + return true; + } else { + return false; + } + } } diff -Naur db_original/config.html db/config.html --- db_original/config.html 2007-04-20 22:01:11.000000000 -0400 +++ db/config.html 2010-02-27 11:47:41.000000000 -0500 @@ -188,10 +188,12 @@
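Review bot: `} else if ($alg='md5') {` in the django branch assigns instead of compares, so the branch is taken for any non-sha1 algorithm string and `$alg` is overwritten before `$extpassword` is reassembled; it should read `} else if ($alg === 'md5') {`, followed by `} else { return false; }` so an unrecognised algorithm rejects the login instead of leaving `$hashed_part` undefined. The final check `if ($extpassword == $extpasswordhash) {` should use `===`: with `==` PHP compares two numeric-looking strings numerically, so distinct digests of the shape `0e<digits>` evaluate as equal. In both the md5plussalt and django branches `$hash` is assigned but never read, since the comparison is done on the reassembled `$extpassword` string; dropping it, or comparing `$hashed_part` to `$hash` directly, would make the intent clearer. The enclosing method starts before this hunk.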