Post by Franz-Peter » Thu Oct 15, 2009 10:21 pm

Did install Alex Wright's password contribution to import customers from oscommerce to opencart. I was able to transfer all my customers with the oscommerce password. Before to make a test of the password functionality did create myself as new customer with password in oscommerce to control the password functionality after transfer to opencart.
I had no effort. Did try to login into opencart with my oscommerce password and received an error message.
Is there someone who did install that contribution too who was able to login with the old oscommerce customer password?
Last edited by i2Paq on Fri Nov 18, 2011 5:05 am, edited 2 times in total.
Reason: Title adjusted

New member

Posts

Joined
Tue Aug 25, 2009 4:30 pm

Post by Qphoria » Thu Oct 15, 2009 10:26 pm

is the password using the same md5 hash method in oscommerce?

Image
Donate!|OpenCart Basics|GeoZones
Image


User avatar
Administrator

Posts

Joined
Tue Jul 22, 2008 3:02 am

Post by Franz-Peter » Thu Oct 15, 2009 10:59 pm

I don't think so. But the contribution should should care about it. As far as I can see the contribution changes the password function in the system folder and in some catalog folders to accept oscommerce passwords when a customer does a login. As soon as the customer enters the oscommerce password the function verifies the password and overwrites the password in the database to have an opencart style password.
The original oscommerce method is to add a two digit salt like in the following hash:
1d6d07a9b24a7019d3ff76cc17dd42a0:89
That is what the function in the contribution should accept for validation and after that the rewrite into the database should create a password in the opencart style.

The data conversion from oscommerce to opencart (customers) was pretty easy. Did take a Zencart Script for converting oscommerce to zencart. There are just a few modifications to match the table names of opencart.

New member

Posts

Joined
Tue Aug 25, 2009 4:30 pm

Post by Franz-Peter » Sat Oct 17, 2009 9:13 pm

Hi Qphoria,

are there different md5 methods and which method does OpenCart use?

New member

Posts

Joined
Tue Aug 25, 2009 4:30 pm

Post by KCMone » Sat Dec 19, 2009 5:01 pm

Hi, tried to download the Oscommerce import Tool, but it had an unknown file type in the download. Shouldn't this be a ZIP file?

Kind regards
Kenneth

Newbie

Posts

Joined
Wed Nov 11, 2009 2:54 pm

Post by IBBoard » Mon Sep 13, 2010 3:04 am

Sorry for posting to an old topic, but I've got an answer and I hate it when I find a question with no solution.

ZenCart (and so presumably osCommerce, since it seems to have forked from it at some point) uses salted MD5 passwords, where each account has its own salt. There's no way to reverse engineer them to migrate them other than brute forcing and rainbow tables, neither of which is quick. Instead, I made a Password patch. It makes OpenCart use the Zen Cart password format, if the user's password is stored in that format. Since it is impossible to convert the passwords from Zen Cart to OpenCart because Zen Cart salts its passwords then this password does the salting and checks against the Zen Cart format value.

Hopefully that helps someone else :)

New member

Posts

Joined
Sun Sep 12, 2010 3:30 am

Post by Studio-Owens » Tue Apr 05, 2011 2:13 am

My solution was similar to IBBoard, but I used vQmod (http://forum.opencart.com/viewtopic.php?f=23&t=24529).

I take the email address and pull the encrypted password from the DB. If the encrypted password has an osC salt at the end (e.g. :##) then I do a quick check by taking the md5 of the salt plus the plain text password and comparing it to the encrypted password from the database. If it matches I pass it back as the md5 password. Otherwise I pass back the md5 of the plain text password.

vQmod file attached.

Attachments

vQmod file for using osCommerce passwords in OpenCart v1.4.9.4


Image
www.Studio-Owens.com


User avatar
Newbie

Posts

Joined
Fri Jun 04, 2010 5:00 am

Post by onlinephilately » Thu Aug 18, 2011 2:32 pm

Just tested the xml file on 1.5.1 and it seems to work perfect!

Thank you for posting.

New member

Posts

Joined
Thu Jan 27, 2011 3:14 am

Post by Cyberwoolf » Fri Nov 18, 2011 2:49 am

Hey guys,

I just imported all my data (except attributes) from a zen cart site to the latest version of OC. My problem now is that Zen uses MD5+Salt to encrypt the passwords.

I found a thread: http://forum.opencart.com/viewtopic.php?t=7092 that had a vqmod file that solved this issue, but it doesn't appear to work anymore. I get: Notice: Undefined variable: owens_password.

Does anyone have another workaround or possibly fix this vqmod file?

Thank you!

New member

Posts

Joined
Wed Jul 27, 2011 8:43 am

Post by mberlant » Fri Nov 18, 2011 3:57 am

It would have been much better if you had asked your question in the thread you quoted, where cognizant people are already watching, than to start a whole new thread on the same topic. Why not contribute your observations there, where there is already a group familiar with your problem?

Please use proper English at all times, so that all members may understand you.


User avatar
Active Member

Posts

Joined
Sun Mar 13, 2011 8:33 pm

Post by i2Paq » Fri Nov 18, 2011 5:05 am

mberlant wrote:It would have been much better if you had asked your question in the thread you quoted, where cognizant people are already watching, than to start a whole new thread on the same topic. Why not contribute your observations there, where there is already a group familiar with your problem?
Good call!

Topics merged.

Norman in 't Veldt
Moderator OpenCart Forums

_________________ READ and Search BEFORE POSTING _________________

Our FREE search: Find your answer FAST!.

[How to] BTW + Verzend + betaal setup.


User avatar
Global Moderator

Posts

Joined
Mon Nov 09, 2009 7:00 pm
Location - Winkel - The Netherlands

Post by Cyberwoolf » Fri Nov 18, 2011 5:19 am

Usually in forums, it is frowned upon to comment in a thread where the last comment is over 3 months old, that's why I added a new post, sorry. Just can't seem to keep the forum rules right.

** Update **
Figured out the solution. The function was different in the customers.php, so I edited that and now it works (1.5.1.3)

Attachments

Update to vQmod using md5+salt passwords for Zencart & OSCommerce passwords


New member

Posts

Joined
Wed Jul 27, 2011 8:43 am

Post by horgh » Thu Nov 24, 2011 4:03 am

It doesn't work for me. Just complains about invalid email address or password. I copied passwords directly from OsCommerce database. I noticed that they all had prefix $P$D, I tried with it and without it, no success. I really need a way to import passwords from OsCommerce.

Newbie

Posts

Joined
Wed Nov 23, 2011 4:31 am

Post by Cyberwoolf » Sun Nov 27, 2011 1:00 am

What version of OC are you using? And do you see any errors in your vQmod manager?

New member

Posts

Joined
Wed Jul 27, 2011 8:43 am

Post by polo555 » Tue Jan 31, 2012 7:23 am

Cyberwoolf wrote: ** Update **
Figured out the solution. The function was different in the customers.php, so I edited that and now it works (1.5.1.3)
it works fine for me, thanks (OC 1.5.1.3)
Edit: works also with OC 1.5.2 beta revision 827.
Last edited by polo555 on Sat Feb 18, 2012 9:19 am, edited 1 time in total.

Newbie

Posts

Joined
Tue Jan 31, 2012 7:16 am

Post by straightlight » Tue Jan 31, 2012 8:13 am

Take note that this solution does not require password resetting every 90 days as it also uses a salted hash password methodology: http://www.opencart.com/index.php?route ... order=DESC

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Opencart.com Administrator / Quality Assurance Analyst / Programmer


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON
Who is online

Users browsing this forum: Bing [Bot], Google [Bot] and 56 guests