Hi
I am trying to create a program to automate the transfer of users from an existing forum into my wiki.
As far as I can see I could get away with adding the following to the users table
username e-mail address password (the list is password protected)
I ma not a php programmer so I thought ity might be easier to do this in C++ and gave written the basic elements to do the above.
The problem comes when adding the password. As far as I can see mediaWiki expects a salted hash of the hash of a password, the salt is the userID. i.e. if I create a user who has a random password (say 123abc) and a userID of say 357 then I would do the following
Create a random password (123abc)
Hash it
prepend the user ID and a dash(-), so we would have, some thing like
357-abc343acde... etc.
We then hash this string again, giving the final hash
When I do this on a test case I do not get a matching hash - what am I doing wrong?
On 2/8/06, Paul Sanderson sandersonforensics@gmail.com wrote:
Hi
I am trying to create a program to automate the transfer of users from an existing forum into my wiki.
As far as I can see I could get away with adding the following to the users table
username e-mail address password (the list is password protected)
I ma not a php programmer so I thought ity might be easier to do this in C++ and gave written the basic elements to do the above.
The problem comes when adding the password. As far as I can see mediaWiki expects a salted hash of the hash of a password, the salt is the userID. i.e. if I create a user who has a random password (say 123abc) and a userID of say 357 then I would do the following
Create a random password (123abc)
Hash it
prepend the user ID and a dash(-), so we would have, some thing like
357-abc343acde... etc.
We then hash this string again, giving the final hash
When I do this on a test case I do not get a matching hash - what am I doing wrong?
It's been a while since I've looked at the code, but I'm pretty sure that you have too many hashes. Try just prepending the user ID and dash to the clear password and hash that.
-- Rick DeNatale
Visit the Project Mercury Wiki Site http://www.mercuryspacecraft.com/
Paul Sanderson wrote:
The problem comes when adding the password. As far as I can see mediaWiki expects a salted hash of the hash of a password, the salt is the userID. i.e. if I create a user who has a random password (say 123abc) and a userID of say 357 then I would do the following
Create a random password (123abc)
Hash it
prepend the user ID and a dash(-), so we would have, some thing like
357-abc343acde... etc.
We then hash this string again, giving the final hash
Sounds right. Make sure that: * you are using MD5 * hex digits are lowercase * the hashed object is UTF-8 text, and you're not including the NULL byte or any other trailing bytes from an array
For your example of id 357 and password "123abc" you should get:
$ php -r 'echo md5("357-" . md5("123abc")) . "\n";' 397981aabef0194a3b76c1319c496659
-- brion vibber (brion @ pobox.com)
Thanks for that
I was using upper case hex digits - it all works now.
mediawiki-l@lists.wikimedia.org