PageRenderTime 46ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/Branch_4_6dev/gforge/plugins/webcalendar/www/tools/convert_passwords.php

https://gitlab.com/oslc-cm-server/olbergers-ff5-oslc
PHP | 86 lines | 59 code | 7 blank | 20 comment | 14 complexity | 03e0f732a0245466c1ab80db7ec81eb8 MD5 | raw file
Possible License(s): GPL-2.0, MPL-2.0-no-copyleft-exception
  1. <?
  2. /*
  3. * $Id: convert_passwords.php,v 1.2.4.1 2006/06/07 15:10:46 cknudsen Exp $
  4. *
  5. * This script will alter the webcal_user table to allow 32 character passwords
  6. * and convert user passwords to PHP md5 passwords.
  7. *
  8. * It is necessary to run this to upgrade to version 0.9.43 from any version.
  9. *
  10. *
  11. * ** NOTE: This script should only be run ONCE and then be deleted!!
  12. *
  13. */
  14. /********************************************************************/
  15. $includedir = "../includes";
  16. include "$includedir/config.php";
  17. $includedir = "../includes";
  18. include "$includedir/php-dbi.php";
  19. $c = dbi_connect ( $db_host, $db_login, $db_password, $db_database );
  20. if ( ! $c ) {
  21. echo "Error connecting to database: " . dbi_error ();
  22. exit;
  23. }
  24. // First, look at the passwords. If we find and md5 hash in there,
  25. // (it will have 32 chars instead of < 25 like in the old version),
  26. // then we know this script was already run.
  27. $sql = "SELECT cal_passwd FROM webcal_user";
  28. $res = dbi_query ( $sql );
  29. $doneBefore = false;
  30. if ( $res ) {
  31. if ( $row = dbi_fetch_row ( $res ) ) {
  32. if ( strlen ( $row[0] ) > 30 )
  33. $doneBefore = true;
  34. }
  35. dbi_free_result ( $res );
  36. } else {
  37. echo "Database error: " . dbi_error ();
  38. exit;
  39. }
  40. if ( $doneBefore ) {
  41. echo "Passwords were already converted to md5!\n<br />\n";
  42. exit;
  43. }
  44. // See if webcal_user.cal_passwd will allow 32 characters
  45. $sql = "DESC webcal_user";
  46. $res = dbi_query ( $sql );
  47. while ( $row = dbi_fetch_row ( $res ) ) {
  48. if ($row[Field] == 'cal_passwd') {
  49. preg_match ( "/([0-9]+)/", $row[Type], $match );
  50. if ($match[1] < 32) {
  51. $sql = "ALTER TABLE webcal_user MODIFY cal_passwd VARCHAR(32) NULL";
  52. // Use the following on older MySQL versions
  53. //$sql = "ALTER TABLE webcal_user CHANGE cal_passwd cal_passwd VARCHAR(32) NULL";
  54. $res = dbi_query ( $sql );
  55. if ($res) {
  56. echo "Table webcal_user altered to allow 32 character passwords.\n" .
  57. "<br />Converting passwords...\n<br /><br />\n";
  58. }
  59. }
  60. }
  61. }
  62. dbi_free_result ( $res );
  63. // Convert the passwords
  64. $sql = "SELECT cal_login, cal_passwd FROM webcal_user";
  65. $res = dbi_query ( $sql );
  66. if ( $res ) {
  67. while ( $row = dbi_fetch_row ( $res ) ) {
  68. $sql2 = "UPDATE webcal_user SET cal_passwd = '" .
  69. md5($row[1]) . "' WHERE cal_login = '".$row[0]."'";
  70. $res2 = dbi_query ( $sql2 );
  71. if ($res2)
  72. echo "Password updated for: ".$row[0]."<br />\n";
  73. }
  74. dbi_free_result ( $res );
  75. echo "Finished converting passwords\n<br />\n";
  76. echo "<br /><br />\n<h1>DO NOT Run this script again!!!</h1>\n<br />\n";
  77. echo '<h1>Delete this script if it ran successfully!!!</h1>';
  78. }
  79. ?>