Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.When using user_save() to import users, it assumes 'pass' is supplied in plaintext. However, when migrating from another CMS, or from any system that uses hashed passwords, there is no way to skip the MD5 hash, and it would effectively re-hash the already hashed password.
This patch allows the user to specify an option to skip the password hashing step, in the event that the password is already hashed. The patch is small, simple, and straightforward. It is also backwards compatible for existing uses of user_save().
I specified this patch for the 5.x line, but should work with little modification in the 6.x line. If this patch is merged, I'll write the 6.x patch as well.
| Comment | File | Size | Author |
|---|---|---|---|
| user.module.patch | 1.21 KB | winzo | |
Comments
Comment #1
drummNew features are not being added to Drupal 5.x. Please write patches against the development version, which is currently 7.x or CVS HEAD.
Abbreviations, such as 'pw', are not used in variable names in Drupal. Some spacing and lack of brackets also does not conform to our coding standards, http://drupal.org/coding-standards. The documentation comment would need to be updated too.
Comment #2
Damien Tournoud CreditAttribution: Damien Tournoud commentedSorry, drumm, but I disagree. Now that the stronger password hashing scheme (#29706) has gone in, this feature cannot be implemented anymore on Drupal 7.x. I'm reassigning this to Drupal 6.x, knowing that this is more a Swan song feature.
@winzo: if you want to implement this, please do not change the signature of user_save(). Just add a new parameter to the $user object (for example "pass_hashed").
Comment #3
dpearcefl CreditAttribution: dpearcefl commentedAt this point, no new features will be added to D6. If you think Drupal 8 needs this feature, please assign this issue to D8.