I’m re-writing an old site that has the passwords stored using mysql’s OLD_PASSWORD() one-way encryption function. I’m not sure where i can overwrite $user->validatePassword($this->password) to use OLD_PASSWORD in order to validate properly. Any help greatly appreciated.
You should edit component/UserIdentity and update the function authenticate();
$user=User::model()->find('username=:username, password = OLD_PASSWORD(:password)',
Right! Now I just realized that else if (!$user->validatePassword($this->password)) is redundant because $user(model) will always equal to null as I am getting the username and password, so if the passowrd doesn’t match $user will always be null…