Re: Password hash problem after upgrade to 1.3

Thanks for the suggestion. the salt value is indeed the same in my
development and live environment. I tried changing the hash method
using Security:setHash() but have not found a method that creates the
same hash i have stored in my db. So the next step is indeed to dive
into the Auth implementation and see if i can find any differences
(which i hoped to avoid).

Tijs

On Dec 7, 7:41 pm, Ryan Schmidt <google-2...@ryandesign.com> wrote:
> On Dec 7, 2010, at 06:16, tteuli...@gmail.com wrote:
>
> > I have an (old) CakePHP based website that i've faithfully upgraded
> > for almost each new Cake release since 1.1 but i'm running into a
> > problem now that i tried to upgrade from 1.2.6 to 1.3.6. I got most
> > everything working except getting existing credentials to work; when i
> > create new user that user can login fine but when i try any of the old
> > credentials from my live db (and using the same salt as used on the
> > live server) i get an incorrect password error. And when i output the
> > hashed password that is generated in beforeFilter() it is indeed not
> > the hash stored in my db.
>
> > So did the hashing method change between 1.2 and 1.3? And if so how do
> > i change it back?
>
> I don't know whether something related to this changed between cake 1.2 and 1.3. I don't see anything in the migration document.
>
> But, I do see this:
>
> http://book.cakephp.org/view/1254/Change-Hash-Function
>
> It says the password hashing uses your security salt, set in your config file. Assuming 1.2 did that too (and the 1.2 documentation says it does), perhaps your salt is different now, and you could change it to be the same again.
>
> Last resort, you could implement your own hashPasswords function in your User model with whatever code the old site is using, if you can find it.

Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.

You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en