Drupal investigation

password-hash.sh 1.6KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071
  1. #!/usr/bin/env php
  2. <?php
  3. /**
  4. * Drupal hash script - to generate a hash from a plaintext password
  5. *
  6. * @param password1 [password2 [password3 ...]]
  7. * Plain-text passwords in quotes (or with spaces backslash escaped).
  8. */
  9. use Drupal\Core\DrupalKernel;
  10. use Symfony\Component\HttpFoundation\Request;
  11. if (PHP_SAPI !== 'cli') {
  12. return;
  13. }
  14. if (version_compare(PHP_VERSION, '5.4.5') < 0) {
  15. $version = PHP_VERSION;
  16. echo <<<EOF
  17. ERROR: This script requires at least PHP version 5.4.5. You invoked it with
  18. PHP version {$version}.
  19. \n
  20. EOF;
  21. exit;
  22. }
  23. $script = basename(array_shift($_SERVER['argv']));
  24. if (in_array('--help', $_SERVER['argv']) || empty($_SERVER['argv'])) {
  25. echo <<<EOF
  26. Generate Drupal password hashes from the shell.
  27. Usage: {$script} [OPTIONS] "<plan-text password>"
  28. Example: {$script} "mynewpassword"
  29. All arguments are long options.
  30. --help Print this page.
  31. "<password1>" ["<password2>" ["<password3>" ...]]
  32. One or more plan-text passwords enclosed by double quotes. The
  33. output hash may be manually entered into the
  34. {users_field_data}.pass field to change a password via SQL to a
  35. known value.
  36. EOF;
  37. exit;
  38. }
  39. // Password list to be processed.
  40. $passwords = $_SERVER['argv'];
  41. $autoloader = require __DIR__ . '/../../autoload.php';
  42. $request = Request::createFromGlobals();
  43. $kernel = DrupalKernel::createFromRequest($request, $autoloader, 'prod', FALSE);
  44. $kernel->boot();
  45. $password_hasher = $kernel->getContainer()->get('password');
  46. foreach ($passwords as $password) {
  47. print("\npassword: $password \t\thash: ". $password_hasher->hash($password) ."\n");
  48. }
  49. print("\n");