⌈⌋ branch:  freshcode


Check-in [322785403d]


Overview
SHA1:322785403dd0049e0f64137f4324a97f37fd1322
Date: 2016-11-03 21:29:35
User: mario
Comment:Hash any literal passwords.
Tags And Properties
  • branch=trunk inherited from [82405bb421]
  • sym-trunk inherited from [82405bb421]
Context
2017-01-31
18:42
[792720840e] Recent updates to basic spam blacklist. (user: mario, tags: trunk)
2016-11-03
21:29
[322785403d] Hash any literal passwords. (user: mario, tags: trunk)
16:58
[453b4e3a7d] Fixed HTML escaping for password field. (user: mario, tags: trunk)
Changes

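--- a/cron.daily/password_hash.php
+++ b/cron.daily/password_hash.php
+<?php
+/**
+ * api: cli
+ * title: Rehash plain password
+ * description: Looks for unhashed password literals, and calculates hash
+ * version: 0.1
+ * category: postprocessing
+ * type: cron
+ * x-cron: 9,17 20 * * *
+ *
+ * Fix for unhashed passwords.
+ *
+ */
+
+chdir(dirname(__DIR__)); 
+include("config.php");
+
+/**
+ * Scan each project,
+ * split up `tags` as CSV and just fille up according tags table.
+ *
+ */
+db("BEGIN IMMEDIATE TRANSACTION");
+foreach (db("SELECT name, lock, MAX(t_changed) FROM release_versions GROUP BY name")->fetchAll() as $entry) {
+
+    extract($entry);
+    if (strlen(trim($lock))) {
+        $tokens = p_csv($entry["lock"]);
+        $updated = false;
+        
+        # find plain passwords
+        foreach ($tokens as $i=>$pw) {
+            if (strpos($pw, "://")) {
+                continue;
+            }
+            elseif (strncmp($pw, '$2y$10$', 7) == 0) {
+                continue;
+            }
+            else {
+                $updated = 1;
+                $tokens[$i] = password_hash($pw, PASSWORD_DEFAULT);
+                print " ↓ $pw → $tokens[$i]\n";
+            }
+        }
+        
+        # update record
+        if ($updated and $tokens and $name=="un-applet") {
+            $r = new release($name);
+            $r->update(
+                ["lock" => join(", ", $tokens)],
+                [], [], TRUE
+            );
+            $r->store();
+            #print_r($r);
+            print "Hashin password for `$name`\n";
+        }
+    }
+}
+db("END TRANSACTION");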
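Review bot: The `print " ↓ $pw → $tokens[$i]\n";` line in the inner loop writes every plaintext password next to its new hash to the job's output, which for a cron script usually ends up in mail or a log file; it should report only the project and token position, e.g. `print " ↓ rehashed lock token #$i of $name\n";`. The already-hashed test `strncmp($pw, '$2y$10$', 7) == 0` recognises only bcrypt at cost 10 while the new values come from `PASSWORD_DEFAULT`, so if that default ever produces a different prefix a later run would hash the stored hashes again; `password_get_info($pw)["algoName"] !== "unknown"` does not depend on the prefix. The `$name=="un-applet"` condition in the update step looks like a leftover test restriction, because it stores the result for one project only while the loop still prints passwords for all of them. The docblock above the transaction still describes splitting `tags` into a tags table and should describe the lock-token rehash instead.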