Added ch
This script checks for passwords stored in clear text (e.g after a mass import), and encrypts them with the master key.
This commit is contained in:
parent
9bb6cb927e
commit
ed41012109
17
class.db.php
17
class.db.php
@ -290,17 +290,20 @@ if (!class_exists('PWSdb'))
|
||||
|
||||
function updatePassword($passwordId, $newPassword, $username = null)
|
||||
{
|
||||
$query = '';
|
||||
$params = array();
|
||||
if ($username === null)
|
||||
{
|
||||
$sth = $this->prepare('UPDATE passwords SET password = ? WHERE id = ?');
|
||||
$query = 'UPDATE passwords SET password = ? WHERE id = ?';
|
||||
$params = array($this->encryptPassword($newPassword), $passwordId);
|
||||
}
|
||||
else
|
||||
{
|
||||
$sth = $this->prepare('UPDATE passwords SET password = ?, modifiedby = ?, modifiedat = datetime(\'now\') WHERE id = ?');
|
||||
$query = 'UPDATE passwords SET password = ?, modifiedby = ?, modifiedat = datetime(\'now\') WHERE id = ?';
|
||||
$params = array($this->encryptPassword($newPassword), $username, $passwordId);
|
||||
}
|
||||
$sth->execute();
|
||||
$sth = $this->prepare($query);
|
||||
$sth->execute($params);
|
||||
}
|
||||
|
||||
function updatePasswordAccess($passwordId)
|
||||
@ -391,6 +394,14 @@ if (!class_exists('PWSdb'))
|
||||
$sth->execute(array(':querytext' => '%' . str_replace(array('%', '_'), array('~%', '~_'), $query) . '%'));
|
||||
return $sth->fetchAll();
|
||||
}
|
||||
|
||||
function getClearPasswords()
|
||||
{
|
||||
$sth = $this->prepare('SELECT id, password FROM passwords WHERE password LIKE ?');
|
||||
$sth->execute(array('{CLEAR}%'));
|
||||
|
||||
return $sth->fetchAll();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
21
scripts/checkclearpasswords.php
Normal file
21
scripts/checkclearpasswords.php
Normal file
@ -0,0 +1,21 @@
|
||||
<?php
|
||||
// Check and update clear text password in the database
|
||||
|
||||
|
||||
// OPTIONS
|
||||
$webDir = '/var/www/localhost/htdocs/passwordstore';
|
||||
|
||||
require_once $webDir . '/config.php';
|
||||
require_once $webDir . '/class.db.php';
|
||||
|
||||
pwsdbh($dbDSN)->setKey(file_get_contents($masterKey));
|
||||
|
||||
$passwords = pwsdbh($dbDSN)->getClearPasswords();
|
||||
|
||||
foreach ($passwords as $rec)
|
||||
{
|
||||
echo "Updating password with ID " . $rec['id'] . "\n";
|
||||
$rec['password'] = $rec[1] = substr($rec['password'], 7);
|
||||
pwsdbh($dbDSN)->updatePassword($rec['id'], $rec['password']);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user