CRITICAL SECURITY VERSION UPDATE:
https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.13

How is the password encoded in the database

djsmiley2kdjsmiley2k
edited August 2012 in Installation
I've looked through the documentation but I'm not a programmer, I've just been given the task of supporting our fuel install.

Clearly the password in the database is encoded in some style, if I wanted to change it to something else with a mysql update statement, what kind of encoding do I need to use?

Comments

  • adminadmin
    edited August 2012
    The current master branch 0.93 uses a simple MD5 hash. The 1.0 version uses a sha1 with salt. The users_model in 1.0 has a users_model::salt() and users_model::salted_password_hash($password, $hash); that you can use.
  • djsmiley2kdjsmiley2k
    edited August 2012
    Ok that gives me a nice starting point.

    As I'm not a programmer, is there someway to simply "generate" the hash for the password manually; or in mysql (I don't know any PHP nor how to go about using those methods).

    ---

    Sorry for asking about things which are basically outside the scope of FUEL; Due to the way this has been passed to me I'm expected somehow to take on developer functions when I'm not a developer and so I'm flapping blindly in the wind..
  • adminadmin
    edited 11:26AM
    You can can generate the hashed password value by using MySQL's MD5 function like so:
    update table users set password = MD5('test') where id=1;
Sign In or Register to comment.