[geeklog-devel] Google Code-in: Tasks and Mentors wanted!

Rouslan Placella rouslan at placella.com
Tue Nov 2 11:44:06 EDT 2010

Quoting Joe Mucchiello <jmucchiello at yahoo.com>:
> The real trick
> to this task is making the change. You probably need to add a field to
> gl_users that is "false". When false, the old password mechanism is used
> and then the password is changed to the new method and the field set to
> true. When true of course you use the new method.
>   Joe

If the new encryption algorithm produces a longer hash then md5 (which  
may be a good idea), then it will not be necessary to add an extra  
field. It will only be necessary to increase the size of the existing  
field in the DB structure. Once this is done, detecting what sort of  
hash it is would be trivial, e.g.:

if ( strlen($hash) == 32 ) {
     // Assume md5
} else {
     // Assume new method


More information about the geeklog-devel mailing list