Today we will see how to reset the OpenCart password (e-commerce system in PHP) manually, directly in the database; generating the hash and the salt manually with a function created by me.

Function that generates salt and new password

Here I leave the code, and the explanation at the end.

The function returns an array that has the salt and the password, the way to call it is to pass the password in plain text. You can try and use the function here.

Once you have the salt and the password just do an update of your database table.

In my case:

My table is called oc_user because when I installed OpenCart I used that prefix, in your case it can vary.

The algorithm and the way that OpenCart uses it

Thanks to OpenCart is open source we can see how it generates the salt and saves the hashes.

In its source code it implements obtaining a cryptographically secure random string and then uses sha1 to hash it, concatenating it with the user’s password.

The generation of the salt is as follows:

Generar sal para OpenCart

Generate salt for opencart password

It uses the function called token defined in helpers/general. php and then calls it, obtaining a random string of 9 digits. Then concatenate it and hash it with SHA1:

Hashear contraseña de OpenCart con SHA1

Hashed OpenCart password with SHA1

Finally, in the database it saves everything in the user table in the salt and password fields:

Ubicación de sal y contraseña de usuario en base de datos OpenCart

Salt location and user password in OpenCart database

Knowing all those things we could write a function that generates the salt and the password to be able to reset the password of a user manually in OpenCart.


Relacionado:  PHP: Generate cryptographically secure token

Estoy disponible para trabajar en tu proyecto o realizar tu tarea pendiente, no dudes en ponerte en contacto conmigo.
Si el post fue de tu agrado muestra tu apoyo compartiéndolo, suscribiéndote al blog, siguiéndome o realizando una donación.

Suscribir por correo

Ingresa tu correo y recibirás mis últimas entradas sobre programación, open source, bases de datos y todo lo relacionado con informática

Join 574 other subscribers


0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: