Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Sign In
Not a member yet? Click here to register.

Password update when upgrading from v6 to v7

As you probably know, v6 uses single md5 hash for passwords. V7 uses double md5... That means all passwords will not work.

How to update the passwords:

SAVE fusion_users TABLE BEFORE UPDATING!

1. create php file with a random title, for example db_md5.php and put there this:
CodeDownload  
<?php

// Locate config.php and set the basedir path
$folder_level = ""; $i = 0;
while (!file_exists($folder_level."config.php")) {
   $folder_level .= "../"; $i++;
   if ($i == 5) { die("Config file not found"); }
}
require_once $folder_level."config.php";
define("BASEDIR", $folder_level);

function dbconnect($db_host, $db_user, $db_pass, $db_name) {
   $db_connect = @mysql_connect($db_host, $db_user, $db_pass);
   $db_select = @mysql_select_db($db_name);
   if (!$db_connect) {
      die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unable to establish connection to MySQL</b><br />".mysql_errno()." : ".mysql_error()."</div>");
   } elseif (!$db_select) {
      die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unable to select MySQL database</b><br />".mysql_errno()." : ".mysql_error()."</div>");
   }
}

// Establish mySQL database connection
$link = dbconnect($db_host, $db_user, $db_pass, $db_name);

//////////////////////////////////////

$db_request = 'SELECT * FROM fusion_users ORDER BY user_id';
$exec = mysql_query($db_request);
while ($line = mysql_fetch_array($exec)) {
   extract($line);
   $result = md5($line['user_password']);
   mysql_query("UPDATE fusion_users SET user_password='".$result."' WHERE user_id = ".$line['user_id']);
   echo "id ".$line['user_id']." done sucessfully<br />";
}

?>



2. save it, get it in your root folder (where config.php is also located)

3. run it in your browser - http://your_adress.com/db_md5.php

All done.
Non-working passwords only apply to upgrades of v6 installations from before v6.01.12...
I have a version 6 site (6.0.18) that has also been hacked (list of links in the news.php file) and I want to upgrade to version 7. I am planning on installing version 7 from scratch, but wanted to move my members from the version 6 site. Will the php file noted above move the members and update the password so that it will work on the new version 7 site? I hope what I just wrote that makes sense.
The file does the only thing. Hash all passwords of members with md5... if you run it 10 times, it will be 10 times md5 hash, so be carefull. I don't know, I only made it for my own use, so I just published it.
Could someone explain to me how a password is double md5'ed? Do you md5 the password once, then take that encryption and md5 it again?
Exactly. After I upgraded it 1st time, I didn't know why I can't log in. So I let send a new password and then I changed my password to new one. I checked database and the md5 hash value was different than in old database which was still working for PHP-Fusion v6. So I took this value from the old database and md5 hashed it once again and the value was same as in the new database... I hope you get it, sorry about my English.

Simply, it works exactly as you said, just look at the script.
md5($line['user_password']);
Md5 hashes old password value.

By the way I don't know, why isn't such a thing included in the upgrade script. Never mind.
I think I understand what you are saying. However, my plan is not to upgrade the existing version (6.0.18), but to install the most current version 7 (7.0.05) and use the users and user passwords from the old version. How would use your script to do that, or is it possible to do that?
It's same. The upgrade from v6 to v7 won't change the passwords and when you start new installation of v7, then you will use the old passwords, so again, it's same, just run the script once, that's all.

The script isn't some specially edited for upgrade process, or whatever you mean.

Quote

muscapaul wrote:
Non-working passwords only apply to upgrades of v6 installations from before v6.01.12...


I noticed that the password for version 6.0.18 is the same as the password in version 7.0.05, its that what you mean by the passwords not needing to be double md5'ed muscapaul, or am I misreading your post all together?

I am getting ready to move my users from 6.0.18 to a new installation of 7.0.05, not an aupgrade but a full install.
OK, I am very confused about this password update script. Here is my situation.

I have been running version 6.0.18 with 96 members, this version's news.php has a long list of links (viagra, cialis, etc) that you can only see when you do a source view. I am trying to move the members to a newly installed version 7.0.05, but the members list of the old version are in a different database than the new version, although on the same server.

How can I use this script if it needs the config.php file (I assume from the old version) to then post the information to the fusion_users table on the new database? I hope this makes sense to some of you gurus. I am beginning to think that I am going to have to manually insert the information.
Notice: Undefined index: user_admin_password in /mnt/web5/51/48/52078348/htdocs/themes/templates/panels.php on line 110
Warning: admin password not set, click Edit Profile to set it.
Notice: Undefined index: user_admin_password in /mnt/web5/51/48/52078348/htdocs/edit_profile.php on line 56

i have set it but there is some problem with datebase when i put old users list from phpfusion 6 to phpfusion 7... how to fix that?
and i put new admin password its working fine but there is error :(

PS : I CAN NOT CHANGE ADMIN PASSWORD OR GIVE NEW PASS :(...JUST USER PASSWORD IS WORKING!

Quote

hajriz wrote:
Notice: Undefined index: user_admin_password in /mnt/web5/51/48/52078348/htdocs/themes/templates/panels.php on line 110
Warning: admin password not set, click Edit Profile to set it.
Notice: Undefined index: user_admin_password in /mnt/web5/51/48/52078348/htdocs/edit_profile.php on line 56

i have set it but there is some problem with datebase when i put old users list from phpfusion 6 to phpfusion 7... how to fix that?
and i put new admin password its working fine but there is error :(

PS : I CAN NOT CHANGE ADMIN PASSWORD OR GIVE NEW PASS :(...JUST USER PASSWORD IS WORKING!


If you restored your users table from a v6 backup then the user_admin_password field doesnt exist anymore. You promptly erased it with installing that backup.
i have new hosting and have tryed to put users from the old version6 to the new one that was all ready installed fresh 7.0.5 .. and that happens :D ... and now i have removed 6 and 7 and agen installed just 7 v .. without my users :( ...how can i put them back if is posible ? without that errors...when is it not posible i will no more boring u guys..but anyway thanks ;)
I was not able to get this script to work either in a similar situation as yours. I eventually ended up entering the users in manually, but I only have 94 users. If you have many more than that, it could be very time consuming.
This script is not necessary if you followed the following procedures:

Step 1) Upgraded to the most recent copy of PHP Fusion.(Database and everything)
Step 2) Downloaded most up to date version of v7 client.
Step 3) Extracted said download from Step 2.
Step 4) Open the extracted folder.

You should now see:
1) Folder named Files
2) Folder named upgrade v601x
3) Text Document copy of the AGPL
5) Several language variations of the Readme.

Step 5) open folder named Upgrade v601x
Step 6) Uploaded upgrade.php located in said folder in Step 5 to administration/ folder on your host using your FTP client.
Step 7) Log into your website and proceed to Admin Panel < System Admin < Upgrade and follow the steps for that Upgrade.
Step 8) After the upgrade is completed upload the contents of the folder marked Files(except _config and setup.php) overwriting everything.

Holy geegolly batman, we now have a perfectly working v7 website and we didnt have to use the script in the original post of this thread.
Thanks for your response, but your response is based on upgrading version 6 to version 7. In both cases mentioned, we installed a brand new version of version 7 and that is why we were having problems using the script.
Seeing as you had a 6.01.18 site according to your post above starting from "scratch" would have been more easily possible just to upgrade and upload all of the v7 files which would then give you your database which you could easily clear of content if thats what you truly wished and give your files all new non-addon non-plugin'd. Which in essence would be a fresh site.
I understand all that, however we both chose to start from scratch. In my case because I had thousands of links to viagra and other items. What I was looking for was a script that would have allowed me to move my members from my version 6 site to a newly installed version 7 site.

Quote

Daywalker wrote:
This script is not necessary if you followed the following procedures:

Step 1) Upgraded to the most recent copy of PHP Fusion.(Database and everything)
Step 2) Downloaded most up to date version of v7 client.
Step 3) Extracted said download from Step 2.
Step 4) Open the extracted folder.

You should now see:
1) Folder named Files
2) Folder named upgrade v601x
3) Text Document copy of the AGPL
5) Several language variations of the Readme.

Step 5) open folder named Upgrade v601x
Step 6) Uploaded upgrade.php located in said folder in Step 5 to administration/ folder on your host using your FTP client.
Step 7) Log into your website and proceed to Admin Panel < System Admin < Upgrade and follow the steps for that Upgrade.
Step 8) After the upgrade is completed upload the contents of the folder marked Files(except _config and setup.php) overwriting everything.

Holy geegolly batman, we now have a perfectly working v7 website and we didnt have to use the script in the original post of this thread.



I did the upgrade correct and had this issue doing the 7.00.5 upgrade from 6.01.x. Please do not make people look like idiots when its the upgrade process that is broke. I did not receive any errors when processing the upgrade and I replaced all files as you said. Yet my passwords were still broken and I could not logon to the site. Case in point we need this script so dont knock it until you need it or try it. smile
I upgraded from 6.00.207 to 7.02.03 and now users cannot login or reset their passwords... will this script fix the issue?

Merged on Aug 21 2011 at 01:02:14:
tried it and now no one can login to the site.
Thread Information
Author
Replies
21 posts
Views
10,069 times
Last Post
Last updated on 7 years ago
You can view all discussion threads in this forum.
You cannot set up a bounty in this discussion thread.
You can start a new discussion thread in this forum.
You cannot reply in this discussion thread.
You cannot start on a poll in this forum.
You cannot upload attachments in this forum.
You can download attachments in this forum.
You cannot up or down-vote on the post in this discussion thread.
Users who participated in discussion: muscapaul, Daywalker, Krazyone, skopljanac, afoster, krisidious, MikeCZE, clone9cz