I need to insert users into a WordPress blog via a PHP script or MySQL, and I have a plain text password. I thought I could do something like this:
$query = "INSERT INTO $new_db.wp_users (user_login, user_pass, user_nicename)
select user_email, md5(user_password), user_name from $source_db.users";
But the passwords all look different from what the WordPress passwords look like now. All the passwords all start with $P$B
From reading it says there is a salt… is there a way to take a password like test123 and turn it into the encrypted password that WordPress expects?
The most sensible solution would simply be to use the relevant WordPress function (wp_generate_password) itself.
However, if this isn’t an option, you could simply extract the
wp_generate_password
function (it’s in /wp-includes/pluggable.php) and relevant support functions.WordPress uses phpass hashing, which is different from MD5.
The easiest way to create the password is …
correct email.
Don’t forget to copy a “wp_capabilities” and a “wp_user_level” from another account.
This function will do what you described to transform the password:
You’ll need to select it from
source_db
, transform it in PHP, then insert it intonew_db
.WordPress used to use MD5 passwords, and still can. Setting the passwords as MD5 hashes should work fine. As each user logs in for the first time, WordPress will rehash their password based on the stronger security it now uses.