I upgraded Piwik from 2.17.1 to 3.2.1. It's using PHP 5.6.29 and MySQL 5.7.18.
The core:update step initially failed (lost the connection to the DB), so I followed the instructions. I manually re-ran the remaining queries, updated the "version_core" option to 3.2.1, and re-ran core:update successfully.
Afterwards I was unable to log in with any existing users. I could reset their passwords, and then they could successfully log in. But I'm afraid I missed something, since existing users should have worked.
As part of the manual queries, I ran:
ALTER TABLE `piwik_user` CHANGE `password` `password` VARCHAR(255) NOT NULL;
So the column length was changed. But there was nothing that changed the actual values. All of the existing users had 32-character passwords. Once I reset my password, its length was changed to 60 characters.
The password hashing algorithm has been changed in https://github.com/matomo-org/matomo/pull/10740
Guess the update script for updating the passwords didn't run due to the failure: https://github.com/mneudert/piwik/blob/3.x-dev/core/Updates/3.0.0-b4.php#L76-L95
Shouldn’t the update script print out the SQL for re-hashing the passwords, when it prints out all the statements in the “dry-run” section? The instructions for dealing with a failure tell you to finish running all the SQL statements, so it should probably include those.
No. Not in that case.