authorMarc Alexander <admin@m-a-styles.de>2017-06-03 11:07:34 +0200
committerMarc Alexander <admin@m-a-styles.de>2017-06-03 11:07:34 +0200
commit170613848ad86cea1f140ed1cfdb55d581324ffb (patch)
treed129457d4a73d349965e781069a6bd87b8685050
parent70349864273eae4ee689cb1302bc416f5c535d25 (diff)
[ticket/15219] Add console command for updating hashes to bcrypt
PHPBB3-15219
-rw-r--r--phpBB/config/console.yml12
-rw-r--r--phpBB/language/en/cli.php2
-rw-r--r--phpBB/phpbb/console/command/fixup/update_hashes.php117
3 files changed, 131 insertions, 0 deletions
diff --git a/phpBB/config/console.yml b/phpBB/config/console.yml
index 1e18a7dd37..4118803663 100644
--- a/phpBB/config/console.yml
+++ b/phpBB/config/console.yml
@@ -139,3 +139,15 @@ services:
- @dbal.conn
tags:
- { name: console.command }
+
+ console.command.fixup.update_hashes:
+ class: phpbb\console\command\fixup\update_hashes
+ arguments:
+ - @config
+ - @user
+ - @dbal.conn
+ - @passwords.manager
+ - @passwords.driver_collection
+ - %passwords.algorithms%
+ tags:
+ - { name: console.command }
diff --git a/phpBB/language/en/cli.php b/phpBB/language/en/cli.php
index 6989f26f72..27e72d5ccd 100644
--- a/phpBB/language/en/cli.php
+++ b/phpBB/language/en/cli.php
@@ -64,6 +64,7 @@ $lang = array_merge($lang, array(
'CLI_DESCRIPTION_RECALCULATE_EMAIL_HASH' => 'Recalculates the user_email_hash column of the users table.',
'CLI_DESCRIPTION_SET_ATOMIC_CONFIG' => 'Sets a configuration option’s value only if the old matches the current value',
'CLI_DESCRIPTION_SET_CONFIG' => 'Sets a configuration option’s value',
+ 'CLI_DESCRIPTION_UPDATE_HASH_BCRYPT' => 'Updates outdated password hashes to be hashed with bcrypt.',
'CLI_EXTENSION_DISABLE_FAILURE' => 'Could not disable extension %s',
'CLI_EXTENSION_DISABLE_SUCCESS' => 'Successfully disabled extension %s',
@@ -78,6 +79,7 @@ $lang = array_merge($lang, array(
'CLI_EXTENSIONS_ENABLED' => 'Enabled',
'CLI_FIXUP_RECALCULATE_EMAIL_HASH_SUCCESS' => 'Successfully recalculated all email hashes.',
+ 'CLI_FIXUP_UPDATE_HASH_BCRYPT_SUCCESS' => 'Successfully updated outdated password hashes to bcrypt.'
));
// Additional help for commands.
diff --git a/phpBB/phpbb/console/command/fixup/update_hashes.php b/phpBB/phpbb/console/command/fixup/update_hashes.php
new file mode 100644
index 0000000000..4bcc3b5d19
--- /dev/null
+++ b/phpBB/phpbb/console/command/fixup/update_hashes.php
@@ -0,0 +1,117 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+namespace phpbb\console\command\fixup;
+
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Helper\ProgressBar;
+
+class update_hashes extends \phpbb\console\command\command
+{
+ /** @var \phpbb\config\config */
+ protected $config;
+
+ /** @var \phpbb\db\driver\driver_interface */
+ protected $db;
+
+ /** @var \phpbb\passwords\manager */
+ protected $passwords_manager;
+
+ /** @var string Default hashing type */
+ protected $default_type;
+
+ /**
+ * Update_hashes constructor
+ *
+ * @param \phpbb\config\config $config
+ * @param \phpbb\user $user
+ * @param \phpbb\db\driver\driver_interface $db
+ * @param \phpbb\passwords\manager $passwords_manager
+ * @param array $hashing_algorithms Hashing driver
+ * service collection
+ * @param array $defaults Default password types
+ */
+ public function __construct(\phpbb\config\config $config, \phpbb\user $user,
+ \phpbb\db\driver\driver_interface $db, \phpbb\passwords\manager $passwords_manager,
+ $hashing_algorithms, $defaults)
+ {
+ $this->config = $config;
+ $this->db = $db;
+
+ $this->passwords_manager = $passwords_manager;
+
+ foreach ($defaults as $type)
+ {
+ if ($hashing_algorithms[$type]->is_supported())
+ {
+ $this->default_type = $type;
+ break;
+ }
+ }
+
+ parent::__construct($user);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function configure()
+ {
+ $this
+ ->setName('fixup:update-hashes')
+ ->setDescription($this->user->lang('CLI_DESCRIPTION_UPDATE_HASH_BCRYPT'))
+ ;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function execute(InputInterface $input, OutputInterface $output)
+ {
+ // Get count to be able to display progress
+ $sql = 'SELECT COUNT(user_id) AS count
+ FROM ' . USERS_TABLE . '
+ WHERE user_password ' . $this->db->sql_like_expression('$H$' . $this->db->get_any_char()) . '
+ OR user_password ' . $this->db->sql_like_expression('$CP$' . $this->db->get_any_char());
+ $result = $this->db->sql_query($sql);
+ $total_update_passwords = $this->db->sql_fetchfield('count');
+ $this->db->sql_freeresult($result);
+
+ // Create progress bar
+ $progress_bar = new ProgressBar($output, $total_update_passwords);
+ $progress_bar->start();
+
+ $sql = 'SELECT user_id, user_password
+ FROM ' . USERS_TABLE . '
+ WHERE user_password ' . $this->db->sql_like_expression('$H$' . $this->db->get_any_char()) . '
+ OR user_password ' . $this->db->sql_like_expression('$CP$' . $this->db->get_any_char());
+ $result = $this->db->sql_query($sql);
+
+ while ($row = $this->db->sql_fetchrow($result))
+ {
+ $new_hash = $this->passwords_manager->hash($row['user_password'], array($this->default_type));
+
+ $sql = 'UPDATE ' . USERS_TABLE . '
+ SET user_password = "' . $this->db->sql_escape($new_hash) . '"
+ WHERE user_id = ' . (int) $row['user_id'];
+ $this->db->sql_query($sql);
+ $progress_bar->advance();
+ }
+
+ $this->config->set('update_hashes_last_cron', time());
+
+ $progress_bar->finish();
+
+ $output->writeln('<info>' . $this->user->lang('CLI_FIXUP_UPDATE_HASH_BCRYPT_SUCCESS') . '</info>');
+ }
+}
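Review bot: The UPDATE in execute() wraps the new hash in double quotes (`SET user_password = "…"`), which standard SQL and several database backends treat as an identifier delimiter rather than a string literal, so the statement is likely to fail or be misparsed outside MySQL's default mode. Single quotes around the escaped value avoid this: `SET user_password = '" . $this->db->sql_escape($new_hash) . "'` with the surrounding PHP string switched to double quotes. Separately, the constructor leaves `$this->default_type` unset when no entry in `$defaults` reports is_supported(), and execute() then passes `array(null)` to hash() for every matching row; what hash() returns in that case is not visible here, so a guard that aborts before the loop when `$this->default_type === null` would keep stored password hashes from being overwritten with an unusable value. The success message is also printed without checking any per-row query result, so a partial failure would look like a completed migration.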