Added ch

This script checks for passwords stored in clear text (e.g after a mass import), and encrypts them with the master key.

class.db.php

@@ -290,17 +290,20 @@ if (!class_exists('PWSdb'))
 
 		function updatePassword($passwordId, $newPassword, $username = null)
 		{
+			$query = '';
+			$params = array();
 			if ($username === null)
 			{
-				$sth = $this->prepare('UPDATE passwords SET password = ? WHERE id = ?');
+				$query = 'UPDATE passwords SET password = ? WHERE id = ?';
 				$params = array($this->encryptPassword($newPassword), $passwordId);
 			}
 			else
 			{
-				$sth = $this->prepare('UPDATE passwords SET password = ?, modifiedby = ?, modifiedat = datetime(\'now\') WHERE id = ?');
+				$query = 'UPDATE passwords SET password = ?, modifiedby = ?, modifiedat = datetime(\'now\') WHERE id = ?';
 				$params = array($this->encryptPassword($newPassword), $username, $passwordId);
 			}
-			$sth->execute();
+			$sth = $this->prepare($query);
+			$sth->execute($params);
 		}
 
 		function updatePasswordAccess($passwordId)
@@ -391,6 +394,14 @@ if (!class_exists('PWSdb'))
 			$sth->execute(array(':querytext' => '%' . str_replace(array('%', '_'), array('~%', '~_'), $query) . '%'));
 			return $sth->fetchAll();
 		}
+
+		function getClearPasswords()
+		{
+			$sth = $this->prepare('SELECT id, password FROM passwords WHERE password LIKE ?');
+			$sth->execute(array('{CLEAR}%'));
+
+			return $sth->fetchAll();
+		}
 	}
 }
 

scripts/checkclearpasswords.php

@@ -0,0 +1,21 @@
+<?php
+// Check and update clear text password in the database
+
+
+// OPTIONS
+$webDir = '/var/www/localhost/htdocs/passwordstore';
+
+require_once $webDir . '/config.php';
+require_once $webDir . '/class.db.php';
+
+pwsdbh($dbDSN)->setKey(file_get_contents($masterKey));
+
+$passwords = pwsdbh($dbDSN)->getClearPasswords();
+
+foreach ($passwords as $rec)
+{
+	echo "Updating password with ID " . $rec['id'] . "\n";
+	$rec['password'] = $rec[1] = substr($rec['password'], 7);
+	pwsdbh($dbDSN)->updatePassword($rec['id'], $rec['password']);
+}
+