Remove SQL column legacy_password
This commit is contained in:
parent
cb26cd6d5d
commit
82f1f2f00e
5 changed files with 5 additions and 12 deletions
|
@ -1019,7 +1019,6 @@ CREATE TABLE IF NOT EXISTS `user` (
|
|||
`guid` varchar(64) NOT NULL DEFAULT '' COMMENT '',
|
||||
`username` varchar(255) NOT NULL DEFAULT '' COMMENT '',
|
||||
`password` varchar(255) NOT NULL DEFAULT '' COMMENT '',
|
||||
`legacy_password` boolean NOT NULL DEFAULT '0' COMMENT 'Is the password hash double-hashed?',
|
||||
`nickname` varchar(255) NOT NULL DEFAULT '' COMMENT '',
|
||||
`email` varchar(255) NOT NULL DEFAULT '' COMMENT '',
|
||||
`openid` varchar(255) NOT NULL DEFAULT '' COMMENT '',
|
||||
|
|
|
@ -1726,7 +1726,6 @@ class DBStructure
|
|||
"guid" => ["type" => "varchar(64)", "not null" => "1", "default" => "", "comment" => ""],
|
||||
"username" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""],
|
||||
"password" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""],
|
||||
"legacy_password" => ["type" => "boolean", "not null" => "1", "default" => "0", "comment" => "Is the password hash double-hashed?"],
|
||||
"nickname" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""],
|
||||
"email" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""],
|
||||
"openid" => ["type" => "varchar(255)", "not null" => "1", "default" => "", "comment" => ""],
|
||||
|
|
|
@ -170,13 +170,12 @@ class User
|
|||
|
||||
if (!isset($user['uid'])
|
||||
|| !isset($user['password'])
|
||||
|| !isset($user['legacy_password'])
|
||||
) {
|
||||
throw new Exception(L10n::t('Not enough information to authenticate'));
|
||||
}
|
||||
} elseif (is_int($user_info) || is_string($user_info)) {
|
||||
if (is_int($user_info)) {
|
||||
$user = dba::selectFirst('user', ['uid', 'password', 'legacy_password'],
|
||||
$user = dba::selectFirst('user', ['uid', 'password'],
|
||||
[
|
||||
'uid' => $user_info,
|
||||
'blocked' => 0,
|
||||
|
@ -186,7 +185,7 @@ class User
|
|||
]
|
||||
);
|
||||
} else {
|
||||
$user = dba::fetch_first('SELECT `uid`, `password`, `legacy_password`
|
||||
$user = dba::fetch_first('SELECT `uid`, `password`
|
||||
FROM `user`
|
||||
WHERE (`email` = ? OR `username` = ? OR `nickname` = ?)
|
||||
AND `blocked` = 0
|
||||
|
@ -277,7 +276,6 @@ class User
|
|||
'password' => $pasword_hashed,
|
||||
'pwdreset' => null,
|
||||
'pwdreset_time' => null,
|
||||
'legacy_password' => false
|
||||
];
|
||||
return dba::update('user', $fields, ['uid' => $uid]);
|
||||
}
|
||||
|
|
|
@ -226,7 +226,7 @@ class ExAuth
|
|||
if ($a->get_hostname() == $aCommand[2]) {
|
||||
$this->writeLog(LOG_INFO, 'internal auth for ' . $sUser . '@' . $aCommand[2]);
|
||||
|
||||
$aUser = dba::selectFirst('user', ['uid', 'password', 'legacy_password'], ['nickname' => $sUser]);
|
||||
$aUser = dba::selectFirst('user', ['uid', 'password'], ['nickname' => $sUser]);
|
||||
if (DBM::is_result($aUser)) {
|
||||
$uid = $aUser['uid'];
|
||||
$success = User::authenticate($aUser, $aCommand[3]);
|
||||
|
|
|
@ -149,12 +149,9 @@ function update_1203() {
|
|||
}
|
||||
|
||||
function update_1244() {
|
||||
// Sets legacy_password for all legacy hashes
|
||||
dba::update('user', ['legacy_password' => true], ['SUBSTR(password, 1, 4) != "$2y$"']);
|
||||
|
||||
// All legacy hashes are re-hashed using the new secure hashing function
|
||||
$stmt = dba::select('user', ['uid', 'password'], ['legacy_password' => true]);
|
||||
while($user = dba::fetch($stmt)) {
|
||||
$stmt = dba::select('user', ['uid', 'password'], ['password NOT LIKE "$%"']);
|
||||
while ($user = dba::fetch($stmt)) {
|
||||
dba::update('user', ['password' => User::hashPassword($user['password'])], ['uid' => $user['uid']]);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue