diff options
| author | webchick <webchick@24967.no-reply.drupal.org> | 2011-09-30 15:15:54 -0700 |
|---|---|---|
| committer | webchick <webchick@24967.no-reply.drupal.org> | 2011-09-30 15:15:54 -0700 |
| commit | 0b19df68bdaba9c9d11da50d562007bf5969125f (patch) | |
| tree | 38e842a80cad782aff98fdf2f07d22855b647de1 /modules/user/user.install | |
| parent | aed4de70c7bcaddb63f4b7eedec73f9802a88791 (diff) | |
| download | brdo-0b19df68bdaba9c9d11da50d562007bf5969125f.tar.gz brdo-0b19df68bdaba9c9d11da50d562007bf5969125f.tar.bz2 | |
Issue #1205138 by pwolanin, Dave Reid: Do not blow away non-MD5 password hashes in user_update_7000().
Diffstat (limited to 'modules/user/user.install')
| -rw-r--r-- | modules/user/user.install | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/modules/user/user.install b/modules/user/user.install index 9d855ea1d..9119aac07 100644 --- a/modules/user/user.install +++ b/modules/user/user.install @@ -428,6 +428,13 @@ function user_update_7000(&$sandbox) { $result = db_query_range("SELECT uid, pass FROM {users} WHERE uid > 0 ORDER BY uid", $sandbox['user_from'], $count); foreach ($result as $account) { $has_rows = TRUE; + + // If the $account->pass value is not a MD5 hash (a 32 character + // hexadecimal string) then skip it. + if (!preg_match('/^[0-9a-f]{32}$/', $account->pass)) { + continue; + } + $new_hash = user_hash_password($account->pass, $hash_count_log2); if ($new_hash) { // Indicate an updated password. |