Unfortunately, Joomla from version 1.5 (which I've noticed, and probably 1.0 as well) does not save your encrypted passwords hop classic format: encrypted, but does the opposite. This complicates the interaction with other programs wishing to use the access database to authenticate. Fortunately, there is a way to do it, with the risk involved that the password must be kept clear.
Changing to a clear scheme is not advisable, but you may need it under special circumstances.
Configuration
To do this, you must perform the following steps:
- edit the file libraries / joomla / user / helper.php file and change
public static function getCryptedPassword ($ plaintext, $ salt ='', $ encryption = 'md5-hex', $ show_encrypt = false)
bypublic static function getCryptedPassword ($ plaintext, $ salt ='', $ encryption = 'plain', $ show_encrypt = false)
- edit the file libraries / joomla file / user / user.php and change all occurrences of
$Array ['password'] = $ crypt. ':'. $ Salt;
by$Array ['password'] = $ crypt; / /. ':'. $ Salt;
Tested on Joomla 1.5 and 3.1.4
Joomla 3.2 is a little different:
- edit the file libraries / phpass / PasswordHash.php and change
$Match = JCrypt::timingSafeCompare ($hash, $testcrypt);
by$Match = JCrypt::timingSafeCompare($hash, $testcrypt) || JCrypt::timingSafeCompare ($hash, $ assword);
- edit the file libraries / joomla / user / user.php file, find the routine function HashPassword ($ password)and add
return $password;
at the beginning of the routine
Tested on Joomla 3.2.2
Joomla 3.3.0 is almost the same.
- edit the file libraries / joomla / user / helper file and change
$Match = JCrypt::timingSafeCompare($hash, $testcrypt);
by$Match = JCrypt::timingSafeCompare($hash, $testcrypt) || JCrypt::timingSafeCompare ($hash, $password);
- in the same file, find the routine function HashPassword ($ password)and add
return $ password;
at the beginning of the routine - in the same file, change
public static function getCryptedPassword($plaintext, $salt ='', $encryption = 'md5-hex', $show_encrypt = false)
bypublic static function getCryptedPassword($plaintext, $salt ='', $encryption = 'plain', $show_encrypt = false)
Tested on Joomla 3.3.0 and 3.4.x
Enjoy!