forked from science-ation/science-ation
Add password hashing upgrade script
This commit is contained in:
parent
4c4e6c4a1f
commit
3c4e0605e6
63
scripts/science-ation_db_update.php
Normal file
63
scripts/science-ation_db_update.php
Normal file
@ -0,0 +1,63 @@
|
||||
<?
|
||||
|
||||
/*
|
||||
* This file is part of the Science-ation project
|
||||
* Science-ation Website: https://science-ation.ca
|
||||
*
|
||||
* This file was part of the 'Science Fair In A Box' project
|
||||
*
|
||||
*
|
||||
* Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
|
||||
* Copyright (C) 2005 James Grant <james@lightbox.org>
|
||||
* Copyright (C) 2024 AlgoLibre Inc. <science-ation@algolibre.io>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public
|
||||
* License as published by the Free Software Foundation, version 2.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; see the file COPYING. If not, write to
|
||||
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
|
||||
* Boston, MA 02111-1307, USA.
|
||||
*/
|
||||
|
||||
require_once ('common.inc.php');
|
||||
|
||||
function hash_passwords() {
|
||||
global $pdo;
|
||||
|
||||
$q = $pdo->prepare("SELECT `id`, `password`, `oldpassword` FROM `users`");
|
||||
$q->execute();
|
||||
|
||||
while ($r = $q->fetch(PDO::FETCH_ASSOC)) {
|
||||
print_r($r);
|
||||
$id = $r['id'];
|
||||
|
||||
$password=$r['password'];
|
||||
$oldpassword=$r['oldpassword'];
|
||||
|
||||
if (_password_not_hashed($password)) {
|
||||
$password = password_hash($r['password'], PASSWORD_BCRYPT);
|
||||
}
|
||||
|
||||
if (_password_not_hashed($oldpassword)) {
|
||||
$oldpassword = password_hash($r['oldpassword'], PASSWORD_BCRYPT);
|
||||
}
|
||||
|
||||
$stmt = $pdo->prepare("UPDATE `users` SET `password`=?, `oldpassword`=? WHERE `id`=?");
|
||||
$stmt->execute([$password, $oldpassword, $id]);
|
||||
}
|
||||
}
|
||||
|
||||
function _password_not_hashed($password) {
|
||||
return (password_get_info($password)['algo'] == 0);
|
||||
}
|
||||
|
||||
hash_passwords();
|
||||
|
||||
?>
|
||||
Loading…
x
Reference in New Issue
Block a user