Import Member Passwords from another system
Asked Modified Viewed 2,229 times
ImproperUsername
- Member, joined since
- Contributed 90 posts on the community forums.
- Started 19 threads in the forums
- Started this discussions
My apologies in advance for having posted this previously elsewhere in response to a password recovery question. I post it here because it may be helpful as an example of a way to bring along unencrypted passwords when converting a database from another cms to PHPFusion.
I had a cms running off an Access database with about 300 registered members. Obviously, importing their user names and info was easy enough. I used Bullzip's access-to-mysql program to do most of it. (It is free but donations are encouraged.) The issue remained, however, that the user passwords had to be converted somehow to the PHPFusion encryption. I put this script together to handle it.
Using MyPHPadmin, I made a new field in fusion_users that is varchar and named user_password_OLD. I imported the old, unencrypted passwords to that field.
I used the number 4 as "salt" for user password and 5 as "salt" for admin password simply because that was easy. Use what you like. BACK UP your database before use. After use, delete this script. The script is also attached in a zip file. Be sure to go over it line by line before use.
[size=12][/size]
I had a cms running off an Access database with about 300 registered members. Obviously, importing their user names and info was easy enough. I used Bullzip's access-to-mysql program to do most of it. (It is free but donations are encouraged.) The issue remained, however, that the user passwords had to be converted somehow to the PHPFusion encryption. I put this script together to handle it.
Using MyPHPadmin, I made a new field in fusion_users that is varchar and named user_password_OLD. I imported the old, unencrypted passwords to that field.
I used the number 4 as "salt" for user password and 5 as "salt" for admin password simply because that was easy. Use what you like. BACK UP your database before use. After use, delete this script. The script is also attached in a zip file. Be sure to go over it line by line before use.
[size=12]
Code Download source
<?php
/*convert_passwords.php
BACK UP your database before use.
create a new field in fusion_users that is varchar and named user_password_OLD
If importing users from another database, you can put their old password into that field
or you can put random word into it.
Credits: http://www.php-fusion.co.uk/forum/viewthread.php?thread_id=23171#post_137526 and
http://www.php-fusion.co.uk/forum/viewthread.php?thread_id=28271&pid=156200#post_156177
http://RawPHP.com - Lil Peck (ImproperUsername)
I used the number 4 as "salt" for user password and 5 as "salt" for admin password simply because that was easy. Use what you like.
*/
$con = mysql_connect("dbhost","dbuser","dbpass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("dbname", $con);
//select which query line below suits your situation
//$result = mysql_query("SELECT * FROM fusion_users"); //affects everyone
$result = mysql_query("SELECT * FROM fusion_users where user_id >1"); //affects everyone but superadmin
while($row = mysql_fetch_array($result))
{
echo "pw: ".$row['user_name'] . "<br>";
echo "pw: ".$row['user_password'] . " salt: " . $row['user_salt'];
echo "Old Pass: ".$row['user_password_OLD'];
echo "<br />";
echo 'New Password: '.hash_hmac('sha256', $row['user_password_OLD'], '4');//new user pass
$myresult = mysql_query("UPDATE fusion_users SET user_password='".hash_hmac('sha256', $row['user_password_OLD'], '4')."' WHERE user_name='".$row['user_name']."' AND user_id>'1' and NOT isnull(user_password_OLD)") or die(mysql_error());
$myxresult = mysql_query("UPDATE fusion_users SET user_salt='4' WHERE user_name='".$row['user_name']."' AND user_id>'1' and NOT isnull(user_password_OLD)") or die(mysql_error());
$myadminresult = mysql_query("UPDATE fusion_users SET user_admin_password='".hash_hmac('sha256', $row['user_password_OLD'], '5')."' WHERE user_name='".$row['user_name']."' AND user_id='1' and NOT isnull(user_password_OLD)") or die(mysql_error());
$myxadminresult = mysql_query("UPDATE fusion_users SET user_admin_salt='5' WHERE user_name='".$row['user_name']."' AND user_id='1' and NOT isnull(user_password_OLD)") or die(mysql_error());
//echo hash_hmac('sha256', 'Password', 'Salt');
echo "<BR><br>";
}
mysql_close($con);
?> There are no post found.
Category Forum
Code Snippet and functions - 8Labels
None yet
Statistics
- Views 0 views
- Posts 0 posts
- Votes 0 votes
- Topic users 1 member
1 participant
Notifications
Track thread
You are not receiving notifications from this thread.
Related Questions