Which encryption method does Prestashop use for the password field and how does it do it?
Solution 1
From Tools.php
public static function encrypt($passwd)
{
return md5(_COOKIE_KEY_.$passwd);
}
public static function hash($passwd)
{
return md5(_COOKIE_KEY_.$passwd);
}
In 1.6 _COOKIE_KEY_
is defined in /config/settings.inc.php
In 1.7 it's defined in /config/bootstrap.php
Solution 2
In 1.6 _COOKIE_KEY_
is defined in /config/settings.inc.php
In 1.7 it is generated from this file /config/bootstrap.php
but stored here /app/config/parameters.php
If you are trying to insert directly in database than select md5 first than paste _COOKIE_KEY_
and type password.
Solution 3
After doing what Vividus says, you have to execute this query in phpmyadmin:
UPDATE ps_employee SET passwd=md5("COOKIE_KEY+Your_new_pass")
WHERE email="email_user
The "plus" sign does not go inside the quotes, it's all together COOKIE_KEY
and your new password.
Gourav bagora
Updated on June 14, 2022Comments
-
Gourav bagora almost 2 years
Which encryption method does Prestashop use for the password field and how does it do it? I want to encrypt the password field using the same technique as Prestashop. Currently I am using this one:
$pass=md5($password);
-
mister martin over 7 yearsWhere did you get line 1178? I see lines 1055 and 1069 on their Github page.
-
TheDrot over 7 years@mistermartin That's prestashop 1.7 version.
-
Whip over 7 yearsOn 1.7, its not defined in settings.inc.php. I can't find where it's coming from though
-
TheDrot over 7 years@VeeK it's defined in /config/bootstrap.php.
-
user4182277 about 5 yearsPrestashop doesn't use MD5 anymore, please see stackoverflow.com/questions/55895336/… It uses 12-round bcrypt now