install/schemas/upgrade/1124.php
author Dan Fuhry <dan@enanocms.org>
Mon, 19 Nov 2012 11:37:36 -0500
changeset 1370 24f5610ea589
parent 1259 49db7495f6b8
permissions -rw-r--r--
Make redirects send 302 Found instead of 307 to suppress "confirm POST resend" dialog in firefox
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1259
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
     1
<?php
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
     2
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
     3
// Migrate passwords to the new encryption scheme
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
     4
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
     5
global $db, $session, $paths, $template, $plugins; // Common objects
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
     6
require_once(ENANO_ROOT . '/includes/hmac.php');
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
     7
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
     8
@set_time_limit(0);
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
     9
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    10
$q = $db->sql_query('UPDATE ' . table_prefix . "users SET old_encryption = 2 WHERE user_id > 1 AND old_encryption = 0;");
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    11
if ( !$q )
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    12
  $db->_die();
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    13
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    14
$q = $db->sql_query('SELECT user_id, password FROM ' . table_prefix . "users WHERE user_id > 1 AND old_encryption = 2;");
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    15
if ( !$q )
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    16
  $db->_die();
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    17
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    18
while ( $row = $db->fetchrow($q) )
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    19
{
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    20
  $password = $session->pk_decrypt($row['password']);
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    21
  if ( empty($password) )
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    22
  {
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    23
    global $ui;
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    24
    echo '<p>1.1.5-1.1.6 migration script: ERROR: bad password returned from $session->pk_decrypt()</p>';
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    25
    $ui->show_footer();
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    26
    exit;
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    27
  }
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    28
  $hmac_secret = hexencode(AESCrypt::randkey(20), '', '');
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    29
  $password = hmac_sha1($password, $hmac_secret);
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    30
  $e = $db->sql_query('UPDATE ' . table_prefix . "users SET password = '{$password}', password_salt = '{$hmac_secret}', old_encryption = 0 WHERE user_id = {$row['user_id']};");
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    31
  if ( !$e )
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    32
    $db->_die();
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    33
}
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    34
49db7495f6b8 First shot at switching to database revision numbers separate from release version number. There are probably bugs, especially related to migration.
Dan Fuhry <dan@enanocms.org>
parents:
diff changeset
    35