branch: freshcode


Check-in [322785403d]


Overview
Comment: Hash any literal passwords.
SHA1: 322785403dd0049e0f64137f4324a97f37fd1322
User & Date: mario 2016-11-03 21:29:35
Context
2017-01-31
18:42
Recent updates to basic spam blacklist. check-in: 792720840e user: mario tags: trunk
2016-11-03
21:29
Hash any literal passwords. check-in: 322785403d user: mario tags: trunk
16:58
Fixed HTML escaping for password field. check-in: 453b4e3a7d user: mario tags: trunk
Changes
Added cron.daily/password_hash.php.

<?php
/**
 * api: cli
 * title: Rehash plain password
 * description: Looks for unhashed password literals, and calculates hash
 * version: 0.1
 * category: postprocessing
 * type: cron
 * x-cron: 9,17 20 * * *
 *
 * Fix for unhashed passwords.
 *
 */

chdir(dirname(__DIR__)); 
include("config.php");

/**
 * Scan each project,
 * split up `tags` as CSV and just fille up according tags table.
 *
 */
db("BEGIN IMMEDIATE TRANSACTION");
foreach (db("SELECT name, lock, MAX(t_changed) FROM release_versions GROUP BY name")->fetchAll() as $entry) {

    extract($entry);
    if (strlen(trim($lock))) {
        $tokens = p_csv($entry["lock"]);
        $updated = false;
        
        # find plain passwords
        foreach ($tokens as $i=>$pw) {
            if (strpos($pw, "://")) {
                continue;
            }
            elseif (strncmp($pw, '$2y$10$', 7) == 0) {
                continue;
            }
            else {
                $updated = 1;
                $tokens[$i] = password_hash($pw, PASSWORD_DEFAULT);
                print " ↓ $pw → $tokens[$i]\n";
            }
        }
        
        # update record
        if ($updated and $tokens and $name=="un-applet") {
            $r = new release($name);
            $r->update(
                ["lock" => join(", ", $tokens)],
                [], [], TRUE
            );
            $r->store();
            #print_r($r);
            print "Hashin password for `$name`\n";
        }
    }
}
db("END TRANSACTION");
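
Review bot: The line `print " ↓ $pw → $tokens[$i]\n";` in the `else` branch writes each cleartext password next to its new hash to stdout, and since the header declares this as a cron job (`x-cron: 9,17 20 * * *`) that output will normally land in cron mail or a log file. It also runs for every project, while the later guard `$name=="un-applet"` means only one project is actually stored, so the passwords of all other projects are printed but stay unhashed in the database. I would drop `$pw` and the hash from the message and log only the project name, and remove the `$name=="un-applet"` condition (it reads like a leftover test guard) so the script matches the commit comment "Hash any literal passwords". Two smaller points: the skip test `strncmp($pw, '$2y$10$', 7) == 0` hard-codes the bcrypt cost-10 prefix although the hash is created with `PASSWORD_DEFAULT`, so a later change of default algorithm or cost would cause existing hashes to be hashed again; checking `password_get_info($pw)["algo"]` avoids that. The docblock above the loop still describes splitting `tags` into a tags table and should describe the `lock` field instead.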