Question
I'm moving to a other shopping cart and want to import the customers. However the new shopping cart uses a other password system. I would like to convert the old passwords + salt to a single md5.
This is the code for the old shopping cart:
https://stackoverflow.com/questions/22635719
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianif (md5(md5($password) . md5($salt)) == $hash) {}
This is the code for the new shopping cart:
password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1('" . $this->db->escape($password) . "'
Is it possible to convert it into a single md5 string?
Solution
No. You would need the original value (the password) to recreate the hash using a different algorithm. Since you don't have the password and a hash is purposefully not reversible, you cannot get the "single MD5" value.
You'll have to adapt the code in your new system to work with the old hash values.
And you should use something better than MD5 while you're at it, it's entirely inadequate for secure password hashing. password_hash is the PHP state-of-the-art.
