Hi,
Can I convert all users plain text password in field "password" to hashed password in field "passwordhash", so users do not have to create new passwords themselves?
Have tried this in phpMyadmin:
UPDATE usertable SET passwordhash = SHA2(passwordlower, 256) WHERE 1
But that does not seem to work.
tia
/Poul
The password_hash() function is a PHP function, so you cannot update the password by SQL. You need to write a Custom File (with "Include common files" enabled) or a server event to update them, e.g.
// For v2024
$em = GetUserEntityManager();
$users = GetUserRepository()->findAll();
foreach ($users as $user) { // Assume the password field is named "password" so the getter/setter are get/setPassword()
$plainPassword = $user->getPassword(); // The original password must be plain text
$user->setPassword(EncryptPassword(Config("CASE_SENSITIVE_PASSWORD") ? $plainPassword : strtolower($plainPassword)));
$em->persist($user);
}
$em->flush();Notes:
password_hash() will be used by EncryptPassword()).Thanks, but I cannot get this to work.
I have followed the instructions regarding Custom File: https://phpmaker.dev/docs/index.html#/customfile.html
With debug ON, I see the code is being executed, but is has no effect on the password field.
Is this code different in v2023?
arbei wrote:
// For v2024
$em = GetUserEntityManager();
...
For v2023, you can only use UPDATE statement, see example for Database Abstraction Layer (DBAL 3), you may select and loop through the records, and execute UPDATE statement to update the password field.