I am updating my PS 1.6 to 1.7. I know PS 1.6 uses this encryption method md5(_COOKIE_KEY_.$passwd) but we converted it to md5($passwd) previously for having compatibility with our previous shop not-prestashop.
Now we want to update to 1.7 and we see that the encryption method has changed to hash(). We have achieved to log in previous users changing this function: getByEmail(), but now we want the register to work well (saving the password as md5($plaintextpassword)). We know that the new encryption method is much more secure and is not recommended to use md5($plaintextpassword) but now we cannot change that.
We have changed in Classes/Customer.php all lines from:
$this->passwd = $crypto->hash($password);
to:
$this->passwd = md5($password);
But with all this changes when we register a new user, it's saved as the hash() method in this format $2y$10$VPm9ygay2ldd0Vu0J4ttQuOdD/mIytURV/nXCXKs4GcB4AkIWtaQm instead of this: bcef5cffa6f4bb0abb94cf6fa7a7cb2f. I don't find where I have to change to save in the desired format?
You have to override PrestaShop and add new additional password checker:
if(!loginWithOriginalMethod($password)) {
loginWithAdditionalMethod($password);
}
By using this way, both your new and old customers can login to your store