A while back I had to migrate a legacy application’s user information into a WordPress MU application, transferring user accounts from the old platform to the new.
I needed to figure out a way to create 10,000+ WP users based on the old information. The old application stored the user passwords in clear/plain text, WP one-way encrypts passwords. Turns out its pretty easy to create the necessary data in wp_users and wp_usermeta, if you can figure out how to hash the password so WP understands everything.
The code below is a sort-of test harness that shows how to update an existing WP user and set their password to a known value.
require_once('/usr/local/apache/htdocs/next.sloanreview.com/wp-includes/class-phpass.php');
# get the new user password
$password = 'foo';
# find the user's WP id (wp_users.ID)
$user_id = 1;
change_user_password($password, $user_id);
function change_user_password($password=false, $user_id)
{
$wp_hasher = new PasswordHash(8, TRUE);
$password = $wp_hasher->HashPassword($password);
if(is_numeric($user_id)) {
$sql = "UPDATE wp_users SET user_pass = '$password' WHERE ID = $user_id LIMIT 1;";
# then connect to the DB and execute mysql_query($sql)
}
}
Thanks for your code. But it is changing when i refreshing the page.Then how could i compare it for user authentication?. Please explain…
@raja
If the user supplies a password for authentication and you store it in $pass:
$wp_hasher = new PasswordHash(8, TRUE);
$password = $wp_hasher->HashPassword($pass);
Then query the wp_users table to make sure that wp_users.user_pass== $password
This script saved my skin. Thanks a bunch. I had to echo the hash and put it in manually in phpmyadmin but that is cause i didn’t uncomment the mysql_query till after I got the echo working…
Thanks again