By sleepytom on

OK i know this is a touchy subject! let me firstly explain what i would like to be able to achieve.

I'm involved in running a site which has a fairly large vbulletin forum and a separate portal website based on a custom CMS where users can upload news and articles and stuff. Currently the custom CMS is proving to be a nightmare as the guy that developed in has left the project and has not written any help files for his CMS system making it hard to adapt and somewhat of a dead duck. I would like to move the portal over to drupal (for obvious reasons - ie drupal is great!)

now the trouble for me comes because i would like to be able to have our current forum users use their existing vbulletin login to access the drupal site - I'm not too concerned about new users having to sign up twice to get a login for each site, but i would like our existing forum users not to have to sign up for a new account for the drupal site (more specifically i don't want people to be able to steal each others usernames). As there are over 10,000 users on the forums it would be better to be able to do an automate dump of usernames and password into drupal than have to do them manually :)

we do not want to convert our vbulletin forum to drupal - it works ok on its own and we don't need it to be tightly integrated with drupal (drupal's RSS features are more than adiquate for my needs in this respect - i can easily do latest forum topics and stuff like that with rss)
we do not want to get locked into a proprietary system such as vbdrupal -we want the real drupal core so we can do updates and benefit from the purity of a full drupal install.
I do not want to get into a debate about the relative merits of drupal's forums v's vbulletin!

I'm not a skilled php developer, I have some limited experience of php/mysql but mostly in a very hacky newbie cut and paste fashion so i am asking here for advice about the best method to use. I can use phpmyadmin to some degree.

my ultimate aim is a onetime dump of vbulletin's users and passwords into drupal. I suspect from my limited knowledge that this could be fairly easily done with sql dumps and imports but i'm not sure that the password data is stored as the same format so maybe a conversion script would also be required?

Finally I'd like to add that i'm not demanding that any of these functions be incorporated into drupal - nor indeed demanding that anyone does anything at all! I'm asking for a little help to enable me to use drupal to develop my portal site.

whilst none of our current admins / developers are paid we are currently looking into funding for our ongoing server costs as well as future development so its possible that we can find a modest payment for help with this issue.

i'd be most grateful for any advice as to the best way of proceeding with this task.

Categories: Drupal 4.7.x

Comments

Robert Castelo’s picture

Robert Castelo commented

This is probably what you're looking for:

http://drupal.org/node/31940

The version marked 'cvs' is for 4.7, I haven't had time to create a proper 4.7 release yet, but it works well enough.

Uploading the csv user data file through the browser is still not working, but a new feature has been added which allows the use of a csv files which have been uploaded with FTP - this is actually much more useful for large imports were the file is too big for browser upload anyway.

Cortext Communications
Drupal Themes & Modules

------------------------------------------
Drupal Specialists: Consulting, Development & Training

Robert Castelo, CTO
Code Positive
London, United Kingdom
----

sleepytom’s picture

sleepytom commented

Thank you - that should do the job with a small problem of being unable to export the passwords from vbulletin as plain text - as far as i can see what i have to do is export the user names and account emails and then import these into drupal. and then send them a welcome email which will invite them to the site and tell them their randomly generated password.

this will work ok apart from the issue of people with out of date email addresses. (the site in question dates back several years and many users will have out of date emails i suspect)

is there a way to log which emails have bounced and to then remove these new accounts on mass? (or do you know of a third party bit of software that could mass check emails exist so i could remove them from the csv file before using the import user module?)

I would much prefer it if i can create accounts only for users with real non bouncing email addresses and cull any users who's email doesn't work (that way they can create a new account with their old username - people who have inactive email addresses run the risk of having their username stolen but i don't mind that - serves them right for not updating their email address!)

I guess the first step I will take is posting a sitewide announcement on our existing forum telling users to make sure their email address is uptodate :)

thanks for your help

ego2gogo’s picture

ego2gogo commented

OK, first off, I know this is a hack, but if you're dealing with thousands of users, forcing password changes on conversion isn't a great idea. Here's what I did...

Overview

This is a hack function to handle real-time conversion of vBulletin user passwords into Drupal user password.

vb passwords are saved as follows:

md5(md5($password) . $vbulletin->userinfo[’salt’]);

Whereas Drupal passwords are stored as:

md5($pass);

Affected files

* /modules/user/user.module (there is a single line hack in this file)
* /sites/all/modules/custom/common/common.php (a set of common functions I typically create)
* /sites/all/modules/custom/common/common.module (this module uses a hook_init() to load the common.php and any other init things I need)

Drupal Steps

1. Extend drupal_users table to include a drupal_users.salt (another hack, although you could create a separate table if you like)
2. Migrate users from vBulletin to Drupal (this is a simple sql ETL process)
3. When users log in, user.module fires user_authenticate(). The following lines were added to this module (@line 1358 on Drupal 6.x):

// vBulletin user migration hack
// Check for a salted password and update the database if necessary. Must be done prior to user_load in the user_authenticate() function.
unsalt($form_values['name'], trim($form_values['pass']));

//this begins the login validataion procedure..
$account = user_load(array('name' => $form_values['name'], 'pass' => trim($form_values['pass']), 'status' => 1));

4. common.module contains at least this:

function common_init()
{
	//	Required Files
	require_once(drupal_get_path('module', 'common') . '/common.php');
}

5. a function called unsalt is found in common.php

function unsalt($name, $pass)
{
	$query="SELECT name, pass, salt FROM drupal_users WHERE name='" . $name ."'";
	$result=db_query($query);
	$thisrow=db_fetch_array($result);
	if (is_null($thisrow['salt'])) return TRUE; //the user has no salt
	else
	{
		if (md5(md5($pass).$thisrow['salt'])==$thisrow['pass']) //the user's password matches the salted version
		{
			$query="update drupal_users set pass=MD5('" . $pass . "'), salt=NULL where name='" . $name ."'";
			$result=db_query($query); //update the user's password to an unsalted version
			return TRUE;
		}
		else return FALSE;
	}
}

6. If the user has a salt value and the salted password from the login form matches the salted password in the database, rewrite the drupal_users.password=md5($pass) and set salt=NULL

7. Else, simply return false. Drupal will then handle bad password functions as normal.

Once this function fires, either the password will be reset and the rest of authentication works as planned OR the user has entered an invalid password / name combination and Drupal simply handles it as normal.