• Hello,

    I found this plugin could help in adding extra meta data to the users profiles.
    A CSV-file was loaded/imported with the new data columns; hundreds of users were updated and hundreds of users password were corrupted?!!!
    Then you learn of one way of becoming very “popular”!
    And even the admin password had to be re-defined digging into the SQL – qualified waste of time.

    So – please advice. What happened there??
    How could the password be corrupted for all the users, when the password-field was not part of the import?

    It’s a handy tool and it could come into use again, but I only make this mistake once.
    If it is a “feature” which can be handled, the documentation must be very clear about it – please!

    BR Lars

Viewing 15 replies - 1 through 15 (of 19 total)
  • Same problem here. I used user_pass field cause I’ve just exported users from Joomla. I’ve got a csv file with username, email and password (hashed in MD5) fields, so I’ve changed “password” to “user_pass”. Then I try to import file but I got a different passwords. I checked them with phpmyadmin and they are different so I guess the plugin isn’t taking the user_pass field and taking it as blank field generating another one in the process.
    What should I try?

    • This reply was modified 8 years, 3 months ago by grefu.
    Thread Starter LarsHdg

    (@larshdg)

    Hello Alberto and Javier,

    Can you please reply to this support question?
    The described corruption of passwords is very annoying to any site and should be addressed by the authors, in order for other users to avoid the same issue and related cumbersome clean-up.

    Looking forward.

    BR Lars

    Plugin Author Javier Carazo

    (@carazo)

    I am the person responsible of this plugin and for personal reasons I won’t be able to answer in some days.

    I answer as soon as I can.

    Sorry for the delay I don’t use to be late answering.

    Plugin Author Javier Carazo

    (@carazo)

    Hello,

    I have just arrived.

    Could you tell me which kind of password (plain text or hash) are you using and which name are you using in the column?

    Thanks.

    Plugin Author Javier Carazo

    (@carazo)

    @grefu

    If you use user_pass you have to use the same hash that WordPress use. Joomla! hash (MD5) may not work with WordPress.

    Thread Starter LarsHdg

    (@larshdg)

    Hello Javier,

    Good to hear from you ??

    The password used is the “standard” WP-password ( I actually thought that was MD5?). The users enters their own password (min 8 chars in a mix of 4 different types – azAZ09#¤…).
    But, the password was NOT part of the import.
    The 2 first column were the Nickname and email as the instructions says, and the following were some custom fields.
    The import was merely an update of existing users with respect to these custom fields.

    Thanks for your support.

    BR Lars

    Plugin Author Javier Carazo

    (@carazo)

    @larshdg

    If you are using passwords created by your users, you have to use the column name “Password”. If you are using passwords from a WordPress database you can use the “user_pass” column.

    Tell me.

    Thread Starter LarsHdg

    (@larshdg)

    Hi Javier,

    I understand what your saying, but I did NOT include any password column in the import; I “just” imported from a CSV including “nickname”, “email” and other 5 user fields. And I certainly did not expect the import to corrupt all the user passwords as it was not included in the import.

    So reading between the lines – are you saying that the CSV-file also MUST included a column named “Password” or “user_pass” in order for the import not to corrupt the passwords??
    That is a very important point. Or…??

    BR Lars

    Plugin Author Javier Carazo

    (@carazo)

    If you don’t set a “Password” column the plugin auto generate and save it.

    Maybe this is not correct and the best one is:
    1) If user is being created the behaviour is ok
    2) If user is being update we should do nothing in this case

    What do you think?

    Thread Starter LarsHdg

    (@larshdg)

    Hi Javier,

    It is very important that it is clearly stated that passwords can be re-generated unless you do so and so xxxxx…..

    Regarding importing user meta there are 3 situations to consider (maybe more?)
    1) Generating new users by import of details.
    2) Updating users.
    3) A combination of 1+2.
    (In my case no. 2 was the task for your plugin)

    So, your proposal sounds like the right approach ??
    1) Option for creating passwords for new users being imported.
    2) Updating users: do NOT touch the password. You could add an option here to generate new passwords, but that will have to be very distinct marked – BIG tick mark! with explanations/WARNING! on import start button ??

    You are on the right track ??

    BR Lars

    Plugin Author Javier Carazo

    (@carazo)

    @larshdg

    I will include it in new version, as I have much work those days, maybe this won’t be available so soon as I would like it to be.

    Thread Starter LarsHdg

    (@larshdg)

    Hi Javier,

    In due time. Personally I do not expect I will be using the plugin for the next few weeks.
    But I will suggest, that you do make one quick update asap. to th eplugin – just making a note/warning in the plugin itself, that Passwords will be changed if … so and so….
    Then other users hopefully wont get into the same unfortunate situation as I did, corrupting hundreds of passwords; I’m still very “popular” ??

    Thanks for your support and commitment ??

    BR Lars

    Plugin Author Javier Carazo

    (@carazo)

    I have just done it.

    I have changed it and it will work as we talked.

    Please consider making a little donation or a good review in order to help us to improve this plugin in the future.

    Thanks.

    Thread Starter LarsHdg

    (@larshdg)

    Hello Javier,

    Sorry for my delayed feedback – busy times.
    You are a Champ! I will test the new version shortly on a test site where I don’t risk anything ??

    And I’ll surely make a good review – and a donation; it’s a very handy plugin which deserves attention! I will surely be using it again for similar operations.

    Despite the unfortunate incident of corrupting all the password – Thanks for your support, appreciated! ??

    Best regards, LarsHdg

    Plugin Author Javier Carazo

    (@carazo)

    @larshdg

    Thanks for your review and sorry again for the problem.

    The default functionality was not reasonable.

    We continue here working to give the best plugin and support!

Viewing 15 replies - 1 through 15 (of 19 total)
  • The topic ‘Corrupt password after import’ is closed to new replies.