Did install Alex Wright's password contribution to import customers from oscommerce to opencart. I was able to transfer all my customers with the oscommerce password. Before to make a test of the password functionality did create myself as new customer with password in oscommerce to control the password functionality after transfer to opencart.
I had no effort. Did try to login into opencart with my oscommerce password and received an error message.
Is there someone who did install that contribution too who was able to login with the old oscommerce customer password?
Last edited by i2Paq on Fri Nov 18, 2011 5:05 am, edited 2 times in total.
Reason: Title adjusted
Reason: Title adjusted
I don't think so. But the contribution should should care about it. As far as I can see the contribution changes the password function in the system folder and in some catalog folders to accept oscommerce passwords when a customer does a login. As soon as the customer enters the oscommerce password the function verifies the password and overwrites the password in the database to have an opencart style password.
The original oscommerce method is to add a two digit salt like in the following hash:
1d6d07a9b24a7019d3ff76cc17dd42a0:89
That is what the function in the contribution should accept for validation and after that the rewrite into the database should create a password in the opencart style.
The data conversion from oscommerce to opencart (customers) was pretty easy. Did take a Zencart Script for converting oscommerce to zencart. There are just a few modifications to match the table names of opencart.
The original oscommerce method is to add a two digit salt like in the following hash:
1d6d07a9b24a7019d3ff76cc17dd42a0:89
That is what the function in the contribution should accept for validation and after that the rewrite into the database should create a password in the opencart style.
The data conversion from oscommerce to opencart (customers) was pretty easy. Did take a Zencart Script for converting oscommerce to zencart. There are just a few modifications to match the table names of opencart.
Sorry for posting to an old topic, but I've got an answer and I hate it when I find a question with no solution.
ZenCart (and so presumably osCommerce, since it seems to have forked from it at some point) uses salted MD5 passwords, where each account has its own salt. There's no way to reverse engineer them to migrate them other than brute forcing and rainbow tables, neither of which is quick. Instead, I made a Password patch. It makes OpenCart use the Zen Cart password format, if the user's password is stored in that format. Since it is impossible to convert the passwords from Zen Cart to OpenCart because Zen Cart salts its passwords then this password does the salting and checks against the Zen Cart format value.
Hopefully that helps someone else
ZenCart (and so presumably osCommerce, since it seems to have forked from it at some point) uses salted MD5 passwords, where each account has its own salt. There's no way to reverse engineer them to migrate them other than brute forcing and rainbow tables, neither of which is quick. Instead, I made a Password patch. It makes OpenCart use the Zen Cart password format, if the user's password is stored in that format. Since it is impossible to convert the passwords from Zen Cart to OpenCart because Zen Cart salts its passwords then this password does the salting and checks against the Zen Cart format value.
Hopefully that helps someone else
My solution was similar to IBBoard, but I used vQmod (http://forum.opencart.com/viewtopic.php?f=23&t=24529).
I take the email address and pull the encrypted password from the DB. If the encrypted password has an osC salt at the end (e.g. :##) then I do a quick check by taking the md5 of the salt plus the plain text password and comparing it to the encrypted password from the database. If it matches I pass it back as the md5 password. Otherwise I pass back the md5 of the plain text password.
vQmod file attached.
I take the email address and pull the encrypted password from the DB. If the encrypted password has an osC salt at the end (e.g. :##) then I do a quick check by taking the md5 of the salt plus the plain text password and comparing it to the encrypted password from the database. If it matches I pass it back as the md5 password. Otherwise I pass back the md5 of the plain text password.
vQmod file attached.
Attachments
vQmod file for using osCommerce passwords in OpenCart v1.4.9.4
Hey guys,
I just imported all my data (except attributes) from a zen cart site to the latest version of OC. My problem now is that Zen uses MD5+Salt to encrypt the passwords.
I found a thread: http://forum.opencart.com/viewtopic.php?t=7092 that had a vqmod file that solved this issue, but it doesn't appear to work anymore. I get: Notice: Undefined variable: owens_password.
Does anyone have another workaround or possibly fix this vqmod file?
Thank you!
I just imported all my data (except attributes) from a zen cart site to the latest version of OC. My problem now is that Zen uses MD5+Salt to encrypt the passwords.
I found a thread: http://forum.opencart.com/viewtopic.php?t=7092 that had a vqmod file that solved this issue, but it doesn't appear to work anymore. I get: Notice: Undefined variable: owens_password.
Does anyone have another workaround or possibly fix this vqmod file?
Thank you!
It would have been much better if you had asked your question in the thread you quoted, where cognizant people are already watching, than to start a whole new thread on the same topic. Why not contribute your observations there, where there is already a group familiar with your problem?
Please use proper English at all times, so that all members may understand you.
Good call!mberlant wrote:It would have been much better if you had asked your question in the thread you quoted, where cognizant people are already watching, than to start a whole new thread on the same topic. Why not contribute your observations there, where there is already a group familiar with your problem?
Topics merged.
Norman in 't Veldt
Moderator OpenCart Forums
_________________ READ and Search BEFORE POSTING _________________
Our FREE search: Find your answer FAST!.
[How to] BTW + Verzend + betaal setup.
Usually in forums, it is frowned upon to comment in a thread where the last comment is over 3 months old, that's why I added a new post, sorry. Just can't seem to keep the forum rules right.
** Update **
Figured out the solution. The function was different in the customers.php, so I edited that and now it works (1.5.1.3)
** Update **
Figured out the solution. The function was different in the customers.php, so I edited that and now it works (1.5.1.3)
Attachments
Update to vQmod using md5+salt passwords for Zencart & OSCommerce passwords
It doesn't work for me. Just complains about invalid email address or password. I copied passwords directly from OsCommerce database. I noticed that they all had prefix $P$D, I tried with it and without it, no success. I really need a way to import passwords from OsCommerce.
it works fine for me, thanks (OC 1.5.1.3)Cyberwoolf wrote: ** Update **
Figured out the solution. The function was different in the customers.php, so I edited that and now it works (1.5.1.3)
Edit: works also with OC 1.5.2 beta revision 827.
Last edited by polo555 on Sat Feb 18, 2012 9:19 am, edited 1 time in total.
Take note that this solution does not require password resetting every 90 days as it also uses a salted hash password methodology: http://www.opencart.com/index.php?route ... order=DESC
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Who is online
Users browsing this forum: Google [Bot] and 101 guests
