By lxdff on
My site is base on Communityserver, now, i want Convert it to Drupal.
The user's password in CommunityServer is hashed by sha1, Drupal 's password is md5. how can i do?
thanks
My site is base on Communityserver, now, i want Convert it to Drupal.
The user's password in CommunityServer is hashed by sha1, Drupal 's password is md5. how can i do?
thanks
Comments
One dumb way
is to move all the accounts over and the passwords will not work - but the user account will stillbe visible to Druapl so users would need to come to the site nd request a new password, and it would all be working from there on in.
Not ideal, but it's a way of getting up and running,
Gareth
now, i have an idea, but
now, i have an idea, but there's another question.
my solution is create a table named user_cs_password, it has 3 columns, uid, password and passwordsalt.
uid is drupal user id, password and passwordsalt is copyed from communityserver database.
first ,keep user's password blank in drupal. when a user login on drupal, check user's password is blank or not. if blank than check password in user_cs_password. if password is correct, update password to table user in drupal. when all of the users login in , the password is converted completed.
now, my question is how can i override drupal login process? i can add code to user.module, but i think it's not the best way.
thanks
east
http://silverlight.cn
Did you end up implementing
Did you end up implementing this? How did it work?
Partial Success
Hi all,
I know this an old thread but hey this may help you or someone else going through this pain lol. I too have been scouring for how to use sha-1 passwords in drupal. I have had some success althought I a:) dont really know what im doing b:)am probably wrong; but hey its only in a sand box in my case. OK so this does invlove hacking user.module. its quite simple though. search for 'md5' replace with 'sha1' move your sha1 passwords in to your users table. Now Drupal will use php native sha-1 hash generator to compare passwords rather than md5.
WARNING; as i said im fairly new to drupal and Im sure this is horrendously bad practice. I have no idea yet what effect this will have elsewhere and with other functions that rely on md5 hashes. I really wouldn't try this on a live site. My reason for doing it was moving an smf board to drupal only to nearly cry when i realised i couldnt move passwords. I still have another step to implement though. My version of smf does the following to generate password hash sha1(strtolower($username).$password). So my next task is pulling the username from the form on the pressing of submit.
If anyone has any ideas for that or a better way of the above please lets us know.
Thanks
Kez