I installed one of the MD5 password encryption hacks on my board, and since vB 2.2.0 has password encryption in it, it is going to encrypt the passwords already in the DB. To avoid double-hashing users' passwords, some altering is needed to the upgrade file. I'm only going to do it for upgrade13.php, I assume it'll be the same/very close for the other files:

Instructions are attached.

Remove this line from the script

$DB_site->query("UPDATE user SET password='".md5($user['password'])."' WHERE userid='$user[userid]'");

Er...

I wasn't asking how, I was showing how. That won't nessesarily work, as not all users may have selected to use password encryption. :)

Your code will not work as this:
$users=$DB_site->query("SELECT userid,password FROM user ORDER BY userid LIMIT $startat,$perpage");
should be more like this:
$users=$DB_site->query("SELECT userid,password,encryptedpass FROM user ORDER BY userid LIMIT $startat,$perpage");
:)

Why do I always leave the most obvious things out? lol.. :)

Attachment updated.

I assumed the hack encrypted everybody as I don't see the benefit of allowing users to choose if they want their password encrypted or not.

yada yada yes they could then request it if they forgot it without having to make a new one but it is best if everyone is on the same page.

The hack I used allowed them to choose, I think the other ones do also.

I have this MD5 hack installed: https://vborg.vbsupport.ru/showthread.php?s=&postid=197751


Possible to post upgrade13.php instructions to up from vb2.03 to vb2.2.0 please ?

Originally posted by freddie
Remove this line from the script

$DB_site->query("UPDATE user SET password='".md5($user['password'])."' WHERE userid='$user[userid]'");

yep I just saw that one - thanks