forked from science-ation/science-ation
Add password hashing upgrade script
This commit is contained in:
parent
4c4e6c4a1f
commit
3c4e0605e6
63
scripts/science-ation_db_update.php
Normal file
63
scripts/science-ation_db_update.php
Normal file
@ -0,0 +1,63 @@
|
|||||||
|
<?
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This file is part of the Science-ation project
|
||||||
|
* Science-ation Website: https://science-ation.ca
|
||||||
|
*
|
||||||
|
* This file was part of the 'Science Fair In A Box' project
|
||||||
|
*
|
||||||
|
*
|
||||||
|
* Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
|
||||||
|
* Copyright (C) 2005 James Grant <james@lightbox.org>
|
||||||
|
* Copyright (C) 2024 AlgoLibre Inc. <science-ation@algolibre.io>
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU General Public
|
||||||
|
* License as published by the Free Software Foundation, version 2.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; see the file COPYING. If not, write to
|
||||||
|
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
|
||||||
|
* Boston, MA 02111-1307, USA.
|
||||||
|
*/
|
||||||
|
|
||||||
|
require_once ('common.inc.php');
|
||||||
|
|
||||||
|
function hash_passwords() {
|
||||||
|
global $pdo;
|
||||||
|
|
||||||
|
$q = $pdo->prepare("SELECT `id`, `password`, `oldpassword` FROM `users`");
|
||||||
|
$q->execute();
|
||||||
|
|
||||||
|
while ($r = $q->fetch(PDO::FETCH_ASSOC)) {
|
||||||
|
print_r($r);
|
||||||
|
$id = $r['id'];
|
||||||
|
|
||||||
|
$password=$r['password'];
|
||||||
|
$oldpassword=$r['oldpassword'];
|
||||||
|
|
||||||
|
if (_password_not_hashed($password)) {
|
||||||
|
$password = password_hash($r['password'], PASSWORD_BCRYPT);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (_password_not_hashed($oldpassword)) {
|
||||||
|
$oldpassword = password_hash($r['oldpassword'], PASSWORD_BCRYPT);
|
||||||
|
}
|
||||||
|
|
||||||
|
$stmt = $pdo->prepare("UPDATE `users` SET `password`=?, `oldpassword`=? WHERE `id`=?");
|
||||||
|
$stmt->execute([$password, $oldpassword, $id]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function _password_not_hashed($password) {
|
||||||
|
return (password_get_info($password)['algo'] == 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
hash_passwords();
|
||||||
|
|
||||||
|
?>
|
||||||
Loading…
x
Reference in New Issue
Block a user