I'm trying to import users from another e-commerce system
The problem I have is that I have discovered that there is a salt column in the oc_users table and Im not sure what to do about this do I create a new user and give all the users the same password and salt and then make them change is or it there a better way of going about this. Any hep would be much appreciated.
Salt is some kind of "key" in password checks. Passwords are saved in database in encrypted format and there's no way to decrypt it. When user enters password it's encrypted the same way using salt. For example, you can encrypt plain text password + salt using md5 function and save it this way in database. On login the same encryption is made and checked with database value.
Since every framework has its own encryption algorithm, you can't do it an easy way. Like Angela said above, the best way is to create random password/salt for every user and send notification about it. Plain and simple.
Since every framework has its own encryption algorithm, you can't do it an easy way. Like Angela said above, the best way is to create random password/salt for every user and send notification about it. Plain and simple.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
Ah OK that seems like 2 different ways.
One seems easier.
So contact all users and let them know that they need to change their passwords that way they do the work and not me.
Or individually put new passwords and salt into the database.
I have about 300 users so ideally don't want to do them individually.
If I add all the users into the database without the salt will they be able to change their password? and will that then create the salt and a new password?
I guess I could give it a try.
One seems easier.
So contact all users and let them know that they need to change their passwords that way they do the work and not me.
Or individually put new passwords and salt into the database.
I have about 300 users so ideally don't want to do them individually.
If I add all the users into the database without the salt will they be able to change their password? and will that then create the salt and a new password?
I guess I could give it a try.
Cheers guys for the help it was actually the customers I needed to change and I created a new user and checked the account logged in OK. I then deleted the salt record for that user and they couldn't login. I then requested to change the password and a new password was sent to me and that worked fine.
So I will import all the users into the database and then get them to change their passwords.
Many thanks for your help.
So I will import all the users into the database and then get them to change their passwords.
Many thanks for your help.
You can simply make your migration script a bit more complex. The algorithm will look the following way:
1. Take user from old database.
2. Copy all his data to new database.
3. Generate random password in plain text.
4. Generate salt, encrypt password, save both to database.
5. Send notification with new password in plain text to the user.
1. Take user from old database.
2. Copy all his data to new database.
3. Generate random password in plain text.
4. Generate salt, encrypt password, save both to database.
5. Send notification with new password in plain text to the user.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
Who is online
Users browsing this forum: No registered users and 193 guests
