How to Import members from a csv file to smf 2.0.2 ?

[okee]

Hi

I have about 110 members details in an excel spreadsheet that i want to import into SMF 2.0.2
I searched the forums and found a handy script but it seems to be for v 1 i've edited it a bit
but it imports only 1 of the 2 users in the test.csv file and when i log in as that user it doesn't recognise
the password, I was wondering if anyone with knowledge of PHP could help
Thanks in advance

The csv file looks like this (emails changed)

Code Select Expand

10000, Rich, password, [email protected],,,,,,
10001, Dave, password, [email protected],,,,,,

and the php script is as follows

Code Select Expand


<?php

$importfile = "test.csv";
$escape = ",";

require_once(dirname(__FILE__) . '/Settings.php');

// we start the database connection
$db_connection = mysql_connect($db_server, $db_user, $db_passwd);
$db = mysql_select_db($db_name);
$import = file($importfile);

//remove the first line (description of user data)
array_shift($import);

//now loop all lines and insert the members
foreach ($import as $lines)
{
   //explode the lines
   $users = explode($escape,$lines);
    //generate the dateRegistered
   $regdate = mktime();

   //Now insert the new user
   mysql_query("
      INSERT IGNORE INTO {$db_prefix}members
         (member_name, id_group, real_name , passwd, email_address, date_registered)
      VALUES ('$users[0]', '9', '$users[1]' , '" . sha1($users[2]) . "', '$users[3]', '$regdate')");
}
mysql_close($db_connection);
echo 'IMPORT COMPLETE!';
?>


in these 2 rows:

[MrPhil]

You'd probably use time() instead of mktime(). Isn't mktime() expecting some arguments? See what the current code uses. If it uses the MySQL now(), that's what you should do.

Regarding the password, I think they changed the hashing method between v1 and v2, so the old passwords won't work. What is sha1(<old password>) supposed to give you? Very likely each user is going to have to click the "forgot password" link and ask for a new password (which they should then change).

[okee]

the time/date registered is ok.
The main problem i'm having is creating a valid password to be stored in the database.
I've searched on the web and it seems that smf 2 stores the password as sha1 using
the username to salt it,

sha1(strtolower($users[0]) . $users[2])


but when i do that and try and login it says incorrect password
This is what i think should work

Code Select Expand

<?php

$importfile = "test.csv";
$escape = ",";

require_once(dirname(__FILE__) . '/Settings.php');

// we start the database connection
$db_connection = mysql_connect($db_server, $db_user, $db_passwd);
$db = mysql_select_db($db_name);
$import = file($importfile);

//remove the first line (description of user data)
//array_shift($import);

//now loop all lines and insert the members
foreach ($import as $lines)
{
   //explode the lines
   $users = explode($escape,$lines);
    //generate the dateRegistered
   $regdate = mktime();

   //Now insert the new user
   mysql_query("
      INSERT IGNORE INTO {$db_prefix}members
         (member_name, id_group, real_name , passwd, email_address, date_registered)
      VALUES ('$users[0]', '9', '$users[1]' , '" . sha1(strtolower($users[0]) . $users[2]) . "', '$users[3]' ,'$regdate')");
}
mysql_close($db_connection);
echo 'IMPORT COMPLETE!';
?>

[MrPhil]

When you hit PHP 5.3, mktime() is going to give you an error or warning.

Is the password string you have now the raw unhashed password, or has it already been hashed? I suspect the latter, so hashing it again is probably just going to make a bigger mess. If SMF didn't change its password handling between the two versions, you would just use the password strings as-is, but if it's changed, I think you're out of luck.

[okee]

the password string is just text taken from the csv file as shown in the first
post, the php file should then encrypt it and put it in the database which it
seems to do but when i go to login it says incorrect password
I'll adjust the mktime like you said, thanks

[Kindred]

add the password in cleartext - when the user logs in, they will be notified that security has been updated and they will be asked to enter a new password.

It is not just encrypted using sha1, it is encrypted AND hashed.

[okee]

I think i'll just do that, it's also an easy methode of making sure they change their password