<?php
/*convert_passwords.php
BACK UP your database before use.
create a new field in fusion_users that is varchar and named user_password_OLD
If importing users from another database, you can put their old password into that field
or you can put random word into it.
Credits: http://www.php-fusion.co.uk/forum/viewthread.php?thread_id=23171#post_137526 and
http://www.php-fusion.co.uk/forum/viewthread.php?thread_id=28271&pid=156200#post_156177
http://RawPHP.com - Lil Peck (ImproperUsername)
I used the number 4 as "salt" for user password and 5 as "salt" for admin password simply because that was easy. Use what you like.
*/
$con = mysql_connect("dbhost","dbuser","dbpass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("dbname", $con);
//select which query line below suits your situation
//$result = mysql_query("SELECT * FROM fusion_users
"); //affects everyone
$result = mysql_query("SELECT * FROM fusion_users
where user_id >1"); //affects everyone but superadmin
while($row = mysql_fetch_array($result))
{
echo "pw: ".$row['user_name'] . "<br>";
echo "pw: ".$row['user_password'] . " salt: " . $row['user_salt'];
echo "Old Pass: ".$row['user_password_OLD'];
echo "<br />";
echo 'New Password: '.hash_hmac('sha256', $row['user_password_OLD'], '4');//new user pass
$myresult = mysql_query("UPDATE fusion_users SET user_password='".hash_hmac('sha256', $row['user_password_OLD'], '4')."' WHERE user_name
='".$row['user_name']."' AND user_id>'1' and NOT isnull(user_password_OLD)") or die(mysql_error());
$myxresult = mysql_query("UPDATE fusion_users SET user_salt='4' WHERE user_name
='".$row['user_name']."' AND user_id>'1' and NOT isnull(user_password_OLD)") or die(mysql_error());
$myadminresult = mysql_query("UPDATE fusion_users SET user_admin_password='".hash_hmac('sha256', $row['user_password_OLD'], '5')."' WHERE user_name
='".$row['user_name']."' AND user_id='1' and NOT isnull(user_password_OLD)") or die(mysql_error());
$myxadminresult = mysql_query("UPDATE fusion_users SET user_admin_salt='5' WHERE user_name
='".$row['user_name']."' AND user_id='1' and NOT isnull(user_password_OLD)") or die(mysql_error());
//echo hash_hmac('sha256', 'Password', 'Salt');
echo "<BR><br>";
}
mysql_close($con);
?>
Category Forum
Code Snippet and functions - 8Labels
None yet
Statistics
1 participant
Notifications
You are not receiving notifications from this thread.
Related Questions