Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

73 lines (63 sloc) 2.052 kb
* Encrypt all passwords
* Action to encrypt all *clear text* passwords in the database according
* to the current settings.
* If the current settings are so that passwords shouldn't be encrypted,
* an explanation will be printed out.
* To run this action, the user needs to have administrator rights!
* @package sapphire
* @subpackage tasks
class EncryptAllPasswordsTask extends BuildTask {
protected $title = 'Encrypt all passwords tasks';
protected $description = 'Convert all plaintext passwords on the Member table to the default encryption/hashing algorithm. Note: This mainly applies to passwords in SilverStripe 2.1 or earlier, passwords in newer versions are hashed by default.';
function init() {
if(!Permission::check('ADMIN')) {
return Security::permissionFailure($this);
public function run($request) {
$algo = Security::get_password_encryption_algorithm();
if($algo == 'none') {
$this->debugMessage('Password encryption disabled');
// Are there members with a clear text password?
$members = DataObject::get(
"\"PasswordEncryption\" = 'none' AND \"Password\" IS NOT NULL"
if(!$members) {
$this->debugMessage('No passwords to encrypt');
// Encrypt the passwords...
$this->debugMessage('Encrypting all passwords');
'The passwords will be encrypted using the %s algorithm',
foreach($members as $member) {
// Force the update of the member record, as new passwords get
// automatically encrypted according to the settings, this will do all
// the work for us
$member->PasswordEncryption = $algo;
$this->debugMessage(sprintf('Encrypted credentials for member #%d;', $member->ID));
* @todo This should really be taken care of by TestRunner
protected function debugMessage($msg) {
if(!SapphireTest::is_running_test()) {
Jump to Line
Something went wrong with that request. Please try again.