Jump to:

1036 Posts in 810 Topics by 315 members

Forum Module

SilverStripe Forums » Forum Module » Change password algorithm?

Discuss the Forum Module.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1 2
Go to End
Author Topic: 2806 Views
  • Futureweb
    Avatar
    Community Member
    232 Posts

    Re: Change password algorithm? Link to this post

    Hi there. I've got exactly the same problem - 2000 users from an old site, and a new 'silverstriped' version ready to go - i just can't get the users transferred...

    did anyone get any documentation written up on this one?

  • dompie
    Avatar
    Community Member
    88 Posts

    Re: Change password algorithm? Link to this post

    I solved it the following way:

    1) Create Encryptor class like e.g.

    class ForumPasswordEncryptor extends PasswordEncryptor{
       public function encrypt($password, $salt = null, $member = null){
          return md5(md5($password).$salt);
       }
       public function salt($password, $member = null){
          return '';
       }
    }

    2) Register you class with a unique string in your config.php

    PasswordEncryptor::register('md5_forum', 'ForumPasswordEncryptor');

    3) Now it's tricky
    I would expect to tell a Member (or Security or Group) to use my newly created encryptor for encryption somehow like this:

    // DID NOT WORK
    Security::set_password_encryption_algorithm('md5_forum');
    $salt = 'Put your salt in here';
    $m = new Member();
    $m->setField('Email', $user['Email']);
    $m->setField('PasswordEncryption', 'md5_forum');

    However, this did not work. The passwords in database were different from my test results, so I used instead the following code:

    // DID WORK
    // Example 1
    Security::set_password_encryption_algorithm('none');
    $salt = 'Put your salt in here.';
    $m = new Member();
    $m->setField('Email', $user['Email']);
    $m->setField('Password', md5($user['Password'].$salt));
    $m->setField('PasswordEncryption', 'none');

    This way the password string provided by setField('Password', md5...) was saved exactly the same into database. After this I changed the column holding the encription string in database manually to 'md5_forum' and now I could login into silverstripe with my old password from the other (old) forum.

    This have been the steps I remember...hope I didn't forget anything important. Would be nice to hear about your solution. I'd like to know why it didn't work with setting password encryption algorith to 'md5_forum' in my code.

    2806 Views
Page: 1 2
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.