Uploading users in moodle with the encrypted password

Uploading users in moodle with the encrypted password

by Mohd Ehtesham -
Number of replies: 6
I am trying to upload the users through a text file in which password field is encrypted which in not being decrypted to the real ones.
Can anyone help me out of the problem...

thanks in advance
Average of ratings: -
In reply to Mohd Ehtesham

Re: Uploading users in moodle with the encrypted password

by Oliver Jackson -
I believe the password data in your upload file should contain unencrypted passwords. The upload process will do the encryption as it inserts records for each user.
Average of ratings: -
In reply to Oliver Jackson

Re: Uploading users in moodle with the encrypted password

by Mohd Ehtesham -

Yes that is true, This is the  provision had been made in moodle to upload users by upload a text file. But my system administrator has provided me a text file in which password field is encrypted. What should I do?

Is there anyway that moodle should upload the passwords in encrypted form and again decrypt it to the orignal once to ensure the user should login with the previous passwords.

Thanks and Regards

Average of ratings: -
In reply to Mohd Ehtesham

Re: Uploading users in moodle with the encrypted password

by Oliver Jackson -
lines 185-188 of /admin/uploaduser.php in Moodle 1.8.2+ are as follows:

 // password needs to be encrypted
 else if ($name == "password" && !empty($value)) {
 $user->password = hash_internal_user_password($value);
 }
So an internal hash routine is being used to encrypt whatever is being uploaded as a password. I think it's a standard md5 hash.

I don't know much about portability of md5 encryption from one system to another but you may be able to try the following:

- get your system administrator to ensure the encrypted passwords being supplied are md5 encrypted.
- backup your Moodle database
- change line 187 of /admin/uploaduser.php shown above to not apply further encryption to the password value by editing it as follows:
 $user->password = $value;
- perform the upload
- return /admin/uploaduser.php to its original unedited state

Good luck
Average of ratings: Useful (1)
In reply to Oliver Jackson

Re: Uploading users in moodle with the encrypted password

by Mohd Ehtesham -

Thanks,

I tried this it seems it is working but unfortunately the password given by my administrator is not in encrypted in md5 rather it is in RSA. Can you guide me in this regard if any thing can be done from mine side.

Regards

Average of ratings: -
In reply to Mohd Ehtesham

Re: Uploading users in moodle with the encrypted password

by Oliver Jackson -
I'm sorry but I have no idea how to turn an RSA encrypted string into an MD5 encrypted string. I guess it would involve decrypting the RSA first which goes against the whole reason it was encrypted in the first place. Therefor it should be very difficult to do.
You will either have to get the data resupplied with MD5 encryption or ask your system administrator to do the upload for you from unencrypted data so the plain text passwords don't leave his/her control. I guess this would require you to prove that Moodle will store the passwords in a non-reversible encrypted form.

Or you could import no password data and configure Moodle to authenticate with the system that holds the passwords. Many options are available for this process at "Site Administration / Users / Authentication".
Average of ratings: -
In reply to Oliver Jackson

Re: Uploading users in moodle with the encrypted password

by Gonzalo Santos -

thanks! upgrade info for Moodle 2.8:

Edit file: /moodletest/admin/tool/uploaduser/index.php

Lines: 662 and 799

Average of ratings: -