diff --git a/scripts/science-ation_db_update.php b/scripts/science-ation_db_update.php new file mode 100644 index 00000000..90876a8d --- /dev/null +++ b/scripts/science-ation_db_update.php @@ -0,0 +1,63 @@ + + * Copyright (C) 2005 James Grant + * Copyright (C) 2024 AlgoLibre Inc. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public + * License as published by the Free Software Foundation, version 2. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; see the file COPYING. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + * Boston, MA 02111-1307, USA. + */ + +require_once ('common.inc.php'); + +function hash_passwords() { + global $pdo; + + $q = $pdo->prepare("SELECT `id`, `password`, `oldpassword` FROM `users`"); + $q->execute(); + + while ($r = $q->fetch(PDO::FETCH_ASSOC)) { + print_r($r); + $id = $r['id']; + + $password=$r['password']; + $oldpassword=$r['oldpassword']; + + if (_password_not_hashed($password)) { + $password = password_hash($r['password'], PASSWORD_BCRYPT); + } + + if (_password_not_hashed($oldpassword)) { + $oldpassword = password_hash($r['oldpassword'], PASSWORD_BCRYPT); + } + + $stmt = $pdo->prepare("UPDATE `users` SET `password`=?, `oldpassword`=? WHERE `id`=?"); + $stmt->execute([$password, $oldpassword, $id]); + } +} + +function _password_not_hashed($password) { + return (password_get_info($password)['algo'] == 0); +} + +hash_passwords(); + +?> \ No newline at end of file