From f855f5aa1ac894e550328868cebc64a537bc96b7 Mon Sep 17 00:00:00 2001
From: Peter Rotich <peter@enhancesoft.com>
Date: Fri, 9 Aug 2013 15:36:41 +0000
Subject: [PATCH] Upgrade patch for 16fcef4a13d6475a5f8bfef462b548e2
---
include/upgrader/streams/core.sig | 2 +-
.../streams/core/8aeda901-16fcef4a.patch.sql | 18 +++++++++
.../streams/core/8aeda901-16fcef4a.task.php | 38 +++++++++++++++++++
setup/inc/streams/core/install-mysql.sql | 4 +-
4 files changed, 59 insertions(+), 3 deletions(-)
create mode 100644 include/upgrader/streams/core/8aeda901-16fcef4a.patch.sql
create mode 100644 include/upgrader/streams/core/8aeda901-16fcef4a.task.php
diff --git a/include/upgrader/streams/core.sig b/include/upgrader/streams/core.sig
index 9493bef9b..417c53845 100644
--- a/include/upgrader/streams/core.sig
+++ b/include/upgrader/streams/core.sig
@@ -1 +1 @@
-8aeda901a16e08c3229f1ac6da568e02
+16fcef4a13d6475a5f8bfef462b548e2
diff --git a/include/upgrader/streams/core/8aeda901-16fcef4a.patch.sql b/include/upgrader/streams/core/8aeda901-16fcef4a.patch.sql
new file mode 100644
index 000000000..c2ea1d2a9
--- /dev/null
+++ b/include/upgrader/streams/core/8aeda901-16fcef4a.patch.sql
@@ -0,0 +1,18 @@
+
+
+/**
+ * @version v1.7.1
+ * @signature 16fcef4a13d6475a5f8bfef462b548e2
+ *
+ * Change email password field to varchar 255 ASCII
+ *
+ *
+ */
+
+ALTER TABLE `%TABLE_PREFIX%email`
+ CHANGE `userpass` `userpass` VARCHAR( 255 ) CHARACTER SET ASCII COLLATE ascii_general_ci NOT NULL;
+
+-- Finished with patch
+UPDATE `%TABLE_PREFIX%config`
+ SET `value` = '16fcef4a13d6475a5f8bfef462b548e2'
+ WHERE `key` = 'schema_signature' AND `namespace` = 'core';
diff --git a/include/upgrader/streams/core/8aeda901-16fcef4a.task.php b/include/upgrader/streams/core/8aeda901-16fcef4a.task.php
new file mode 100644
index 000000000..c2f1aceac
--- /dev/null
+++ b/include/upgrader/streams/core/8aeda901-16fcef4a.task.php
@@ -0,0 +1,38 @@
+<?php
+require_once INCLUDE_DIR.'class.migrater.php';
+
+class CryptoMigrater extends MigrationTask {
+ var $description = "Migrating encrypted password";
+ var $status ='Making the world a better place!';
+
+ function run() {
+
+ $sql='SELECT email_id, userpass, userid FROM '.EMAIL_TABLE
+ ." WHERE userpass <> ''";
+ if(($res=db_query($sql)) && db_num_rows($res)) {
+ while(list($id, $passwd, $username) = db_fetch_row($res)) {
+ if(!$passwd) continue;
+ $ciphertext = Crypto::encrypt(self::_decrypt($passwd, SECRET_SALT), SECRET_SALT, $username);
+ $sql='UPDATE '.EMAIL_TABLE
+ .' SET userpass='.db_input($ciphertext)
+ .' WHERE email_id='.db_input($id);
+ db_query($sql);
+ }
+ }
+ }
+
+ /*
+ XXX: This is not a good way of decrypting data - use to descrypt old
+ data.
+ */
+ function _decrypt($text, $salt) {
+
+ if(!function_exists('mcrypt_encrypt') || !function_exists('mcrypt_decrypt'))
+ return $text;
+
+ return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $salt, base64_decode($text), MCRYPT_MODE_ECB,
+ mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)));
+ }
+}
+return 'CryptoMigrater';
+?>
diff --git a/setup/inc/streams/core/install-mysql.sql b/setup/inc/streams/core/install-mysql.sql
index 9a5fe11c2..9359cfae9 100644
--- a/setup/inc/streams/core/install-mysql.sql
+++ b/setup/inc/streams/core/install-mysql.sql
@@ -92,7 +92,7 @@ CREATE TABLE `%TABLE_PREFIX%config` (
INSERT INTO `%TABLE_PREFIX%config` (`namespace`, `key`, `value`) VALUES
('core', 'isonline', '0'),
('core', 'enable_daylight_saving', '0'),
- ('core', 'staff_ip_binding', '1'),
+ ('core', 'staff_ip_binding', '0'),
('core', 'staff_max_logins', '4'),
('core', 'staff_login_timeout', '2'),
('core', 'staff_session_timeout', '30'),
@@ -221,7 +221,7 @@ CREATE TABLE `%TABLE_PREFIX%email` (
`email` varchar(255) NOT NULL default '',
`name` varchar(255) NOT NULL default '',
`userid` varchar(255) NOT NULL,
- `userpass` varchar(125) NOT NULL,
+ `userpass` varchar(255) collate ascii_general_ci NOT NULL,
`mail_active` tinyint(1) NOT NULL default '0',
`mail_host` varchar(255) NOT NULL,
`mail_protocol` enum('POP','IMAP') NOT NULL default 'POP',
--
GitLab