当前位置: 文江博客话题详情

如何在导入用户数据时为 md5 哈希生成 vBulletin 密码盐?

发布于 2024-08-06 09:14:10 字数 1009 浏览 6 评论 0原文

我正在将用户从旧数据库转移到 vBulletin 数据库。

我想要一个脚本来执行此操作,否则将花费很长时间。

我像 md5(password) 一样存储了所有用户的密码,

但是当然,由于盐等原因,这不适用于 vBulletin。

所以我的代码是这样的:

<?Php
mydatabase_connect();
$select=mysql_query("SELECT * from `users`");
while($user=mysql_fetch_array($select)) {

    forum_connect();
    $check=mysql_query("SELECT * from `user` where `username` = '{$user[username]}'");
    if(mysql_num_rows($check)>="1") {
        echo "fail";
        }else{
        $insert=mysql_query("INSERT into `user` SET `username` = '{$user[username]}', `password` = '{$user[password]}', `email` = '{$user[email]}'");
        if($insert) {
            echo 'success';
            }else{
            echo 'fail';
        }
    }
    mydatabase_connect();
}
?>

我如何更改它以与 vBulletin 一起使用 - 所以我可以设置一个vBulletin user.password 字段和 vBulletin user.salt 正确。请记住,我的 $user[password] 或 users.password 存储为其真实文本密码的 md5 哈希值。

谢谢!

原文

I'm transferring users from my old database to a vBulletin database.

I want a script to do this as it'll take forever otherwise.

I have all the user's passwords stored just like md5(password)

But of course, this doesn't work with vBulletin due to salts etc.

So my code is this:

<?Php
mydatabase_connect();
$select=mysql_query("SELECT * from `users`");
while($user=mysql_fetch_array($select)) {

    forum_connect();
    $check=mysql_query("SELECT * from `user` where `username` = '{$user[username]}'");
    if(mysql_num_rows($check)>="1") {
        echo "fail";
        }else{
        $insert=mysql_query("INSERT into `user` SET `username` = '{$user[username]}', `password` = '{$user[password]}', `email` = '{$user[email]}'");
        if($insert) {
            echo 'success';
            }else{
            echo 'fail';
        }
    }
    mydatabase_connect();
}
?>

How would I change it to work with vBulletin - so I can set a vBulletin user.password field and vBulletin user.salt correctly. Bearing in mind that my $user[password] or users.password is stored as an md5 hash of their real, text password.

Thanks!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

梦里人 2024-08-13 09:14:10

我不知道这个答案是否太晚了,但您应该能够自动将您的密码转移到 vBulletin 中。

vBulletin 以这种方式生成其哈希值:

$hash = md5(md5($plaintext) . $salt);

因此,要转移用户,请大致执行以下操作:

$salt = /* generate salt */;
$vb_hash = md5($your_old_hash . $salt);

为了让自己轻松,请使用 vBulletin 的盐生成方法。它位于 vB_DataManager_User 类中。

I don't know if this answer is too late, but you should be able to automatically transfer your passwords into vBulletin.

vBulletin generates its hashes this way:

$hash = md5(md5($plaintext) . $salt);

So, to transfer the users over, do roughly the following:

$salt = /* generate salt */;
$vb_hash = md5($your_old_hash . $salt);

To make it easy on yourself, use vBulletin's salt generation method. It's in the vB_DataManager_User class.

回复 原文
我不是你的备胎 2024-08-13 09:14:10

如果您的旧系统使用未加盐的哈希值,而 vBulletin 使用加盐的哈希值,那么如果您希望用户保留其密码,则必须修改 vBulletin 以也使用未加盐的哈希值。我不熟悉 vBulletin 代码,但如果每个用户都有自己的盐值,也许只需将其设置为空字符串就足够了。

如果失败,请编写一个页面以使用户能够过渡到新系统。当用户登录失败时,您可以将用户定向到一个页面,它将根据旧系统检查他们的凭据,并为新系统创建新的盐和哈希值。

If your old system used unsalted hashes, and vBulletin uses salted ones, then if you want users to keep their passwords you will have to modify vBulletin to use unsalted ones too. I'm not familiar with the vBulletin code, but if each user has their own salt value, perhaps just setting this to an empty string will suffice.

Failing that, write a page to enable a user to transition to the new system. You can direct users to a page when their login fails, and it would check their credentials against the old system, and create a new salt and hash for the new system.

回复 原文
开始看清了 2024-08-13 09:14:10

这对我有用

md5(md5(passowrd).salt);

this worked for me

md5(md5(passowrd).salt);
回复 原文
み格子的夏天 2024-08-13 09:14:10

我已经调整了用于将用户信息从现有数据库传输到 vbulletin 数据库的流程。它使用通过 MySQL 命令行客户端输入的数据库查询,不需要 PHP 处理。

它适用于概述的场景:现有数据库中的密码是使用 md5(password) 存储的。

两个数据库都在同一台服务器上,vBulletin 4.x

将创建三个存储函数:

vbulletin.userTitle() // Convert user type from current db to a user title

vbulletin.groupId() // Convert current user type into permission group ID

vbulletin.randomSalt() // Create salt using same approach as used by vbulletin

通过 MySQL 客户端登录:
mysql --user=xxx -p vbulletin

创建存储函数:

  delimiter //
  CREATE FUNCTION vbulletin.userTitle(mtype VARCHAR(255))
  RETURNS CHAR(250)
  NO SQL

  BEGIN
    DECLARE userTypeTitle CHAR(250) DEFAULT "";

    CASE mtype
      WHEN 'user' THEN SET userTypeTitle = 'Member';
      WHEN 'admin' THEN SET userTypeTitle = 'Administrator';
      WHEN 'moderator' THEN SET userTypeTitle = 'Regional Moderator';
      ELSE
        SET userTypeTitle = 'Member';
    END CASE;

  RETURN userTypeTitle;
  END//

  CREATE FUNCTION vbulletin.groupId(mtype VARCHAR(255))
  RETURNS smallint(5)
  NO SQL

  BEGIN
    DECLARE groupTypeId smallint(5) DEFAULT 0;

    CASE mtype
      WHEN 'user' THEN SET groupTypeId = 2;
      WHEN 'admin' THEN SET groupTypeId = 6;
      WHEN 'moderator' THEN SET groupTypeId = 11;
      ELSE
         SET groupTypeId = 12;
    END CASE;

  RETURN groupTypeId;
  END//

  CREATE FUNCTION vbulletin.randomSalt()
  RETURNS CHAR(30)
  READS SQL DATA

  BEGIN
    DECLARE count INT DEFAULT 0;
    DECLARE rn1 CHAR;
    DECLARE saltout VARCHAR(30) DEFAULT "";

    WHILE count<30 DO
      SET count = count+1;
      SET rn1 = CHAR(FLOOR(33 + (RAND() * 93)));
      SELECT CONCAT(saltout, rn1) INTO saltout;
    END WHILE;

  RETURN saltout;
  END//
  delimiter ;

在传输用户信息之前备份数据库。

vbulletin 数据库包含设置和测试期间使用的所有信息,因此清空我们将要更新的三个表。

  TRUNCATE `vbulletin`.`user`;
  TRUNCATE `vbulletin`.`userfield`;
  TRUNCATE `vbulletin`.`usertextfield`;

修改以下查询以使用现有数据库及其相关字段。

填写主用户表。
盐是通过现有用户表中每一行的存储函数生成的。
现有数据库中的哈希密码在插入 vbulletin 数据库时会使用盐进行哈希处理,如下所示:
MD5(current_hashed_pa​​ssword + new_salt)

主查询:

  INSERT INTO `vbulletin`.`user` (
  `userid`, `username`, `salt`, `password`, `email`, `passworddate`, `styleid`, `showvbcode`, `joindate`, `lastvisit`, `lastactivity`, `reputationlevelid`, `timezoneoffset`, `usergroupid`, `usertitle`
  )
  SELECT
  `current_userid`, `current_username`, vbulletin.randomSalt() as new_salt, MD5(current_hashed_password + new_salt), `current_email`, CURDATE(), 5, 2, UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), 5, 0, vbulletin.groupId(current_type), vbulletin.userTitle(current_type)
   from `current_database`.`user`;

以下查询为每个用户添加默认条目。

如果您添加了任何自定义配置文件字段,则需要将该信息传输到用户字段表中:

  INSERT INTO `vbulletin`.`userfield` (
  `userid`, `field5`, `field6`
  )
  SELECT
  `current_userid`, `firstname`, `lastname`
   from `current_database`.`user`;


  INSERT INTO `vbulletin`.`usertextfield` (
  `userid`
  )
  SELECT `current_userid`
   from `current_database`.`user`;

设置管理组用户的信誉级别:

  UPDATE `vbulletin`.`user` SET `reputationlevelid` = 1 WHERE `usergroupid` = 6;

删除存储的功能,它们将不会再次使用:

  DROP FUNCTION vbulletin.userTitle;
  DROP FUNCTION vbulletin.groupId;
  DROP FUNCTION vbulletin.randomSalt;

I've adapted the process I used to transfer the user information from an existing database to the vbulletin database. It uses database queries entered through the MySQL command line client, no PHP processing is required.

It works for the scenario outlined: that passwords in the existing database were stored using md5(password).

Both databases are on the same server, vBulletin 4.x

Three stored functions will be created:

vbulletin.userTitle() // Convert user type from current db to a user title

vbulletin.groupId() // Convert current user type into permission group ID

vbulletin.randomSalt() // Create salt using same approach as used by vbulletin

Log in through the MySQL client:
mysql --user=xxx -p vbulletin

Create the stored functions:

  delimiter //
  CREATE FUNCTION vbulletin.userTitle(mtype VARCHAR(255))
  RETURNS CHAR(250)
  NO SQL

  BEGIN
    DECLARE userTypeTitle CHAR(250) DEFAULT "";

    CASE mtype
      WHEN 'user' THEN SET userTypeTitle = 'Member';
      WHEN 'admin' THEN SET userTypeTitle = 'Administrator';
      WHEN 'moderator' THEN SET userTypeTitle = 'Regional Moderator';
      ELSE
        SET userTypeTitle = 'Member';
    END CASE;

  RETURN userTypeTitle;
  END//

  CREATE FUNCTION vbulletin.groupId(mtype VARCHAR(255))
  RETURNS smallint(5)
  NO SQL

  BEGIN
    DECLARE groupTypeId smallint(5) DEFAULT 0;

    CASE mtype
      WHEN 'user' THEN SET groupTypeId = 2;
      WHEN 'admin' THEN SET groupTypeId = 6;
      WHEN 'moderator' THEN SET groupTypeId = 11;
      ELSE
         SET groupTypeId = 12;
    END CASE;

  RETURN groupTypeId;
  END//

  CREATE FUNCTION vbulletin.randomSalt()
  RETURNS CHAR(30)
  READS SQL DATA

  BEGIN
    DECLARE count INT DEFAULT 0;
    DECLARE rn1 CHAR;
    DECLARE saltout VARCHAR(30) DEFAULT "";

    WHILE count<30 DO
      SET count = count+1;
      SET rn1 = CHAR(FLOOR(33 + (RAND() * 93)));
      SELECT CONCAT(saltout, rn1) INTO saltout;
    END WHILE;

  RETURN saltout;
  END//
  delimiter ;

Back up the databases before transferring the user information.

The vbulletin database has all of the information used during set up and testing, so empty the three tables that we'll be updating.

  TRUNCATE `vbulletin`.`user`;
  TRUNCATE `vbulletin`.`userfield`;
  TRUNCATE `vbulletin`.`usertextfield`;

Modify the following queries to use your existing database and it's related fields.

Fill the main user table.
The salt is generated via the stored function for each row in the existing user table.
The hashed password from the existing database is hashed with the salt when it is inserted into the vbulletin database like this:
MD5(current_hashed_password + new_salt)

Main query:

  INSERT INTO `vbulletin`.`user` (
  `userid`, `username`, `salt`, `password`, `email`, `passworddate`, `styleid`, `showvbcode`, `joindate`, `lastvisit`, `lastactivity`, `reputationlevelid`, `timezoneoffset`, `usergroupid`, `usertitle`
  )
  SELECT
  `current_userid`, `current_username`, vbulletin.randomSalt() as new_salt, MD5(current_hashed_password + new_salt), `current_email`, CURDATE(), 5, 2, UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), 5, 0, vbulletin.groupId(current_type), vbulletin.userTitle(current_type)
   from `current_database`.`user`;

The following queries add default entries for each user.

If you've added any customized profile fields, you'll want to transfer that information into the userfield table:

  INSERT INTO `vbulletin`.`userfield` (
  `userid`, `field5`, `field6`
  )
  SELECT
  `current_userid`, `firstname`, `lastname`
   from `current_database`.`user`;


  INSERT INTO `vbulletin`.`usertextfield` (
  `userid`
  )
  SELECT `current_userid`
   from `current_database`.`user`;

Set the reputation level for your admin group users:

  UPDATE `vbulletin`.`user` SET `reputationlevelid` = 1 WHERE `usergroupid` = 6;

Remove the stored functions, they won't be used again:

  DROP FUNCTION vbulletin.userTitle;
  DROP FUNCTION vbulletin.groupId;
  DROP FUNCTION vbulletin.randomSalt;
回复 原文
~没有更多了~

关于作者

兮颜

暂无简介

0 文章
0 评论
308 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

尘世孤行

文章 0 评论 0

烟─花易冷

文章 0 评论 0

你是年少的欢喜

文章 0 评论 0

倒带

文章 0 评论 0

忱杏

文章 0 评论 0

送君千里

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文