- Joined
- May 27, 2007
- Messages
- 6,390
- Solutions
- 21
- Reaction score
- 1,471
This PHP application will convert passwords in your database from plain-text to hashed, it supports both MD5 (untested) and SHA1.
PHP:
<?php
$databaseUsername = '';
$databasePassword = '';
$databaseName = '';
$databaseHost = 'localhost';
$newHashType = "SHA1";
$handle = @fopen("converted", "r");
if($handle)
{
$content = stream_get_contents($handle);
fclose($handle);
if($content == "1")
die("You have already converted the passwords to {$newHashType}.");
}
$mysqli = new mysqli($databaseHost, $databaseUsername, $databasePassword, $databaseName);
if(mysqli_connect_errno())
exit();
$result = $mysqli->query("SELECT `id`, `password` FROM `accounts`;");
if($result->num_rows > 0)
{
if(strcasecmp($newHashType, 'sha1') == 0)
{
for($i = 0; $i < $result->num_rows; $i++)
{
$row = $result->fetch_row();
$mysqli->next_result();
$mysqli->query("UPDATE `accounts` SET `password` = '" . $mysqli->real_escape_string(sha1($row[1])) . "' WHERE `id` = {$row[0]};");
}
}
else if(strcasecmp($newHashType, 'md5') == 0)
{
for($i = 0; $i < $result->num_rows; $i++)
{
$row = $result->fetch_row();
$mysqli->next_result();
$mysqli->query("UPDATE `accounts` SET `password` = '" . $mysqli->real_escape_string(md5($row[1])) . "' WHERE `id` = {$row[0]};");
}
}
else
{
$mysqli->close();
die("Unsupported $newHashType.");
}
echo "Successfully hashed {$result->num_rows} passwords.";
$handle = fopen("converted", "w");
fwrite($handle, "1");
fclose($handle);
}
$mysqli->close();
?>