--- a
+++ b/fixPasswords/fixPasswords.php
@@ -0,0 +1,30 @@
+<?php
+require_once( "MySQLConnectionFactory.class.php" );
+
+$dbh = MySQLConnectionFactory::create();
+
+$sql = "SELECT borrowernumber, surname, password FROM borrowers";
+$results = mysql_query( $sql );
+
+while ( $bor = mysql_fetch_assoc( $results ) ) {
+  $bornum = $bor["borrowernumber"];
+
+  if ( $bor['password'] == md5_base64( $bor['surname'] ) ) {
+    $newPassClear = strtolower( trim( $bor['surname'] ) );
+    $newPass = md5_base64( $newPassClear  );
+    echo "$bornum Using default password, new pass is $newPassClear : $newPass\n";
+    
+    $sql = "UPDATE borrowers SET password = '$newPass' WHERE borrowernumber = '$bornum'";
+    echo "$sql\n";
+    mysql_query( $sql );
+  } else {
+    echo "$bornum Not using default password, doing nothing.\n";
+  }
+}
+
+
+function md5_base64( $data ) {
+  return preg_replace( '/=+$/', '', base64_encode( pack( 'H*', md5( $data ) ) ) );
+}
+
+?>