Migrate module: handling encrypted passwords

UPDATE: it is no longer necessary to do this, as the latest release of the migrate module supports md5 passwords. The hook names have also changed - the word 'destination' has been removed.

Last month I blogged about using the Migrate and TableWizard modules to migrate users and nodes from the CMS Made Simple content management system to Drupal. Since then I've been using them more and more and have implemented a number of the migrate hooks to manipulate the data during the migration process.

One of the issues I encountered when migrating users was that the password was stored as a md5 hash. This is also how Drupal stores its passwords, so no problem, right? Wrong. When setting up the user content set and mapping fields from CMS MS to Drupal, there is a mapping field for the password. However, it expects the password to be plain text. Simply setting the password to be the md5 hash value would not work as the hash value would be re-hashed again.

To overcome this I implemented the hook_migrate_destination_complete_user() hook in a custom module. This allows my custom module to manipulate the user data, one row at a time, immediately after the user data has been stored in Drupal's database.

<?php
function mymodule_migrate_destination_complete_user(&$user, $tblinfo, $row) {
  // Get the original password.
  $password = $row->cms_users_password;

  // Update the new user record in Drupal's user table.
  db_query("UPDATE {users} SET pass = '%s' WHERE uid = %d", $password, $user->uid);
}
?>

The $user object contains the newly created Drupal user, whereas the $row object contains the original user data, unmodified, and corresponds to one row of the view used in the migration. Each element of the $row object is named in the format "tablename_fieldname".

With this hook I was able to modify the migrated user data and forcefully set the password in the database to be the original md5 hashed password. Using user_save() was not possible as it is the function which generates the md5 password hash, which is why I needed to implement this solution in the first place.

Migrating users from other content management systems may not be so easy. I was just lucky that the method of encryption used for passwords in CMS Made Simple and Drupal were the same.