Entering a Drupal 6 user password in Drupal 7

Question

Entering a Drupal 6 user password in Drupal 7

I really don't need to import any data into my non-user D7 construct. However, I (via SQL) imported my user data, now the D7 password encryption method is different.

I'm not an expert on any part of the imagination, and I never used Drush, but I came across this piece of user_update_7000 code that user.install found ( http://api.drupal.org/api/drupal/modules--user --user.install / function / user_update_7000 / 7 )

<?php require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc'); $old_hash = md5('password'); $hash_count_log2 = 11; $new_hash = user_hash_password($old_hash, $hash_count_log2); if ($new_hash) { // Indicate an updated password. $new_hash = 'U' . $new_hash; } ?>

Where can I run this script to update the password field in my DB?

Thanks,

Steve

+7

import passwords drupal md5

Stephen wilson Jun 01 '11 at 17:57

source share

3 answers

This answer was beautiful. I used it to upgrade from the Drupal 5 website. I made a couple of changes to suit my goals:

I did not limit the number of updated passwords. I wanted all of them to be updated, and the system I was updating totaled more than 1000 users.
I added a check to make sure that I do not update the password twice. That way, if it expires (as for me), changing all the passwords, I can restart rehash.php to complete the conversion. Keep in mind, however, that as soon as the user logs in, the leading "U" is deleted when the password is hashed again.
```
 if (substr($account->pass, 0, 1) == 'U') { continue; } 
```

0

jpb Aug 16 '11 at 4:49

source share

I do not have enough points to add a comment, but I made a few clarifications for the hross answer (and submitted a draft update).

Here's a better script with documentation and the ability to specify a user table other than the default users for those who do manual Drupal from 6 to 7. It also includes jpb validation.

 <?php /** * Use this script to update Drupal 6 users password hashes to Drupal 7 specs. * * Ensure you BACKUP YOUR USERS TABLE before using this script! If not your whole site! * Name this file update_users.php and place in your Drupal root, same place as update.php * * - If you've manually inserted a new table into your database, change the $databasename below. * - If this does not run, ensure you are logged into your site as admin. * - If this does not run, check your drupal watchdog and/or PHP logs * - If you see this error "PDOException: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'pass' at row 1:" * you need to update your table structure so that pass is a varchar(128). * * BACKUP, THIS MAY BREAK YOUR SITE AND EAT YOUR DATA! */ echo "Starting. \r\n"; // Change this if you've made a custom table $databasename = "users"; // Update this many users $count = 1000; // bootstrap stuff define('DRUPAL_ROOT', getcwd()); include_once DRUPAL_ROOT . '/includes/bootstrap.inc'; drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL); require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc'); // Lower than DRUPAL_HASH_COUNT to make the update run at a reasonable speed. $hash_count_log2 = 11; // Hash again all current hashed passwords. $has_rows = FALSE; $result = db_query_range("SELECT uid, pass FROM {" . $databasename . "} WHERE uid > 10 ORDER BY uid", 0, $count); foreach ($result as $account) { $has_rows = TRUE; if (substr($account->pass, 0, 1) != 'U') { echo "updating account: " . $account->uid . " \r\n"; $new_hash = user_hash_password($account->pass, $hash_count_log2); if ($new_hash) { // Indicate an updated password. $new_hash = 'U' . $new_hash; db_update($databasename) ->fields(array('pass' => $new_hash)) ->condition('uid', $account->uid) ->execute(); } } } echo "Done."; ?>

0

Ken hawkins Mar 6 '13 at 9:03

source share

hross · Accepted Answer · 2011-06-01T19:02:40+0000

I think you can create a page with a name like rehash.php (in your root, in the same place as update.php). Then first log in with administrator privileges, then go to this page. See the code below (most taken from user_update_7200 in the latest version of drupal 7) ...

In the worst case scenario, you can create a simple custom module and put that code there.

Please note that you must support things first :

 <?php // bootstrap stuff define('DRUPAL_ROOT', getcwd()); include_once DRUPAL_ROOT . '/includes/bootstrap.inc'; drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL); require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc'); // Lower than DRUPAL_HASH_COUNT to make the update run at a reasonable speed. $hash_count_log2 = 11; // Hash again all current hashed passwords. $has_rows = FALSE; // Update this many users $count = 1000; $result = db_query_range("SELECT uid, pass FROM {users} WHERE uid > 1 ORDER BY uid", 0, $count); foreach ($result as $account) { $has_rows = TRUE; $new_hash = user_hash_password($account->pass, $hash_count_log2); if ($new_hash) { // Indicate an updated password. $new_hash = 'U' . $new_hash; db_update('users') ->fields(array('pass' => $new_hash)) ->condition('uid', $account->uid) ->execute(); } } ?>

Entering a Drupal 6 user password in Drupal 7

More articles: