tags:

views:

109

answers:

3
+2  Q: 

What function returns a Drupal-6-valid password hash?

I want to make a script to insert some 100 users into a Drupal 6 database - their username, mail and password hash.

After reading about the PHP class that Drupal 6 uses, I'm not sure I can pull this off. My method was to send every user a mail like "Hello, x! Your new password is y", then insert the hashed "y" into Drupal's user table.

I know Drupal returns an md5. But it doesn't just md5's the original password, but a very mixed-up password (using salt and other methods).

I've looked into the Portable PHP password hashing framework Drupal's using, but I don't think it works just with a copy+paste method.

So, my question is: can I make a PHP function that returns a valid Drupal 6 password hash to insert it into its user table?

+4  A: 

If you're creating users programmatically, you should create the plaintext password yourself, and then use the user_save() function to insert the user into the database. That function will hash and save everything for you.

Dave DeLong  2010-10-08 16:45:48
Thank you. I think this is what I was looking for.
nush  2010-10-08 17:04:02
@nush: Seems like you're new at StackOverflow...you might want to "accept" an answer. If you think this (or any other answer) is the "correct" answer, please click on the green checkmark underneath the question.
Sid NoParrots  2010-10-11 11:29:49
+2  A: 

The existing user import module looks like it would work for bulk user importing. This does not answer your "how do I hash the password" question, but it would remove the need for a custom (probably more error prone) script.

brian_d  2010-10-08 16:49:45
Thanks for the tip. I'll look into it.
nush  2010-10-08 17:05:22
+1  A: 

Actually, Drupal 6 does not use any salt to calculate the hash of the password. Its just a simply md5 of the password

You can try this for your self. Set your password to something.

Calculate the md5 of your password (you can use this link http://www.miraclesalad.com/webtools/md5.php for convenience).

You will find that the hash stored in the database in the users table in the pass column will be exactly the same

This behavior for the default installation of Drupal 6 (the behavior may have changed for Drupal 7). Only if you have some special module installed will the behavior be any different for Drupal 6.

Sid NoParrots  2010-10-11 11:00:03
yes, after some more code-gambling, i realized it, too. i thought different. well, md5() IS the answer to my question i guess
nush  2010-10-11 15:56:34

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases