diff options
| -rw-r--r-- | phpBB/config/default/container/services_console.yml | 8 | ||||
| -rw-r--r-- | phpBB/develop/calc_email_hash.php | 74 | ||||
| -rw-r--r-- | phpBB/develop/update_email_hash.php | 56 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_users.php | 5 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 5 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_profile.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_resend.php | 2 | ||||
| -rw-r--r-- | phpBB/install/convertors/convert_phpbb20.php | 1 | ||||
| -rw-r--r-- | phpBB/language/en/cli.php | 3 | ||||
| -rw-r--r-- | phpBB/phpbb/console/command/fixup/recalculate_email_hash.php | 76 | ||||
| -rw-r--r-- | phpBB/phpbb/install/module/install_database/task/add_config_settings.php | 1 | ||||
| -rw-r--r-- | phpBB/phpbb/ucp/controller/reset_password.php | 2 | ||||
| -rw-r--r-- | tests/auth/provider_apache_test.php | 1 | ||||
| -rw-r--r-- | tests/functions/fixtures/validate_email.xml | 2 |
14 files changed, 5 insertions, 232 deletions
diff --git a/phpBB/config/default/container/services_console.yml b/phpBB/config/default/container/services_console.yml index 05e467ff8d..b662102b35 100644 --- a/phpBB/config/default/container/services_console.yml +++ b/phpBB/config/default/container/services_console.yml @@ -158,14 +158,6 @@ services: tags: - { name: console.command } - console.command.fixup.recalculate_email_hash: - class: phpbb\console\command\fixup\recalculate_email_hash - arguments: - - '@user' - - '@dbal.conn' - tags: - - { name: console.command } - console.command.fixup.update_hashes: class: phpbb\console\command\fixup\update_hashes arguments: diff --git a/phpBB/develop/calc_email_hash.php b/phpBB/develop/calc_email_hash.php deleted file mode 100644 index 740f9158cf..0000000000 --- a/phpBB/develop/calc_email_hash.php +++ /dev/null @@ -1,74 +0,0 @@ -<?php -/** -* -* This file is part of the phpBB Forum Software package. -* -* @copyright (c) phpBB Limited <https://www.phpbb.com> -* @license GNU General Public License, version 2 (GPL-2.0) -* -* For full copyright and license information, please see -* the docs/CREDITS.txt file. -* -*/ - -// -// Security message: -// -// This script is potentially dangerous. -// Remove or comment the next line (die(".... ) to enable this script. -// Do NOT FORGET to either remove this script or disable it after you have used it. -// -die("Please read the first lines of this script for instructions on how to enable it"); -@set_time_limit(300); - -$db = $dbhost = $dbuser = $dbpasswd = $dbport = $dbname = ''; - -define('IN_PHPBB', 1); -define('ANONYMOUS', 1); -$phpEx = substr(strrchr(__FILE__, '.'), 1); -$phpbb_root_path='./../'; -include($phpbb_root_path . 'config.'.$phpEx); -require($phpbb_root_path . 'includes/acm/acm_' . $acm_type . '.'.$phpEx); -require($phpbb_root_path . 'includes/db/' . $dbms . '.'.$phpEx); -include($phpbb_root_path . 'includes/functions.'.$phpEx); - -$cache = new acm(); -$db = new sql_db(); - -// Connect to DB -$db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false); - -$start = 0; -do -{ - // Batch query for group members, call group_user_del - $sql = "SELECT user_id, user_email - FROM {$table_prefix}users - LIMIT $start, 100"; - $result = $db->sql_query($sql); - - if ($row = $db->sql_fetchrow($result)) - { - do - { - $sql = "UPDATE {$table_prefix}users - SET user_email_hash = " . (crc32(strtolower($row['user_email'])) . strlen($row['user_email'])) . ' - WHERE user_id = ' . $row['user_id']; - $db->sql_query($sql); - - $start++; - } - while ($row = $db->sql_fetchrow($result)); - - echo "<br />Batch -> $start\n"; - flush(); - } - else - { - $start = 0; - } - $db->sql_freeresult($result); -} -while ($start); - -echo "<p><b>Done</b></p>\n"; diff --git a/phpBB/develop/update_email_hash.php b/phpBB/develop/update_email_hash.php deleted file mode 100644 index c149900d64..0000000000 --- a/phpBB/develop/update_email_hash.php +++ /dev/null @@ -1,56 +0,0 @@ -<?php -/** -* Corrects user_email_hash values if DB moved from 32-bit system to 64-bit system or vice versa. -* The CRC32 function in PHP generates different results for both systems. -* @PHP dev team: no, a hexdec() applied to it does not solve the issue. And please document it. -* -*/ -die("Please read the first lines of this script for instructions on how to enable it"); - -set_time_limit(0); - -define('IN_PHPBB', true); -$phpbb_root_path = './../'; -$phpEx = substr(strrchr(__FILE__, '.'), 1); -include($phpbb_root_path . 'common.' . $phpEx); - -// Start session management -$user->session_begin(); -$auth->acl($user->data); -$user->setup(); - -$start = $request->variable('start', 0); -$num_items = 1000; - -echo '<br />Updating user email hashes' . "\n"; - -$sql = 'SELECT user_id, user_email - FROM ' . USERS_TABLE . ' - ORDER BY user_id ASC'; -$result = $db->sql_query($sql); - -$echos = 0; -while ($row = $db->sql_fetchrow($result)) -{ - $echos++; - - $sql = 'UPDATE ' . USERS_TABLE . " - SET user_email_hash = '" . $db->sql_escape(phpbb_email_hash($row['user_email'])) . "' - WHERE user_id = " . (int) $row['user_id']; - $db->sql_query($sql); - - if ($echos == 200) - { - echo '<br />'; - $echos = 0; - } - - echo '.'; - flush(); -} -$db->sql_freeresult($result); - -echo 'FINISHED'; - -// Done -$db->sql_close(); diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 1b66943490..6993c86279 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -966,10 +966,7 @@ class acp_users if ($update_email !== false) { - $sql_ary += array( - 'user_email' => $update_email, - 'user_email_hash' => phpbb_email_hash($update_email), - ); + $sql_ary += ['user_email' => $update_email]; $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_UPDATE_EMAIL', false, array( 'reportee_id' => $user_id, diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 5c94a90d9d..dc6e09268a 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -204,7 +204,6 @@ function user_add($user_row, $cp_data = false, $notifications_data = null) 'username_clean' => $username_clean, 'user_password' => (isset($user_row['user_password'])) ? $user_row['user_password'] : '', 'user_email' => strtolower($user_row['user_email']), - 'user_email_hash' => phpbb_email_hash($user_row['user_email']), 'group_id' => $user_row['group_id'], 'user_type' => $user_row['user_type'], ); @@ -1948,9 +1947,9 @@ function validate_user_email($email, $allowed_email = false) if (!$config['allow_emailreuse']) { - $sql = 'SELECT user_email_hash + $sql = 'SELECT user_email FROM ' . USERS_TABLE . " - WHERE user_email_hash = " . $db->sql_escape(phpbb_email_hash($email)); + WHERE user_email = '" . $db->sql_escape($email) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 6d98362e08..dca7e7eeb7 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -131,7 +131,6 @@ class ucp_profile 'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $data['username'] : $user->data['username'], 'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($data['username']) : $user->data['username_clean'], 'user_email' => ($auth->acl_get('u_chgemail')) ? $data['email'] : $user->data['user_email'], - 'user_email_hash' => ($auth->acl_get('u_chgemail')) ? phpbb_email_hash($data['email']) : $user->data['user_email_hash'], 'user_password' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? $passwords_manager->hash($data['new_password']) : $user->data['user_password'], ); diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php index 44c54100cd..55923668d4 100644 --- a/phpBB/includes/ucp/ucp_resend.php +++ b/phpBB/includes/ucp/ucp_resend.php @@ -47,7 +47,7 @@ class ucp_resend $sql = 'SELECT user_id, group_id, username, user_email, user_type, user_lang, user_actkey, user_inactive_reason FROM ' . USERS_TABLE . " - WHERE user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "' + WHERE user_email = '" . $db->sql_escape($email) . "' AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); diff --git a/phpBB/install/convertors/convert_phpbb20.php b/phpBB/install/convertors/convert_phpbb20.php index c4d2be5a28..6da6e2eb22 100644 --- a/phpBB/install/convertors/convert_phpbb20.php +++ b/phpBB/install/convertors/convert_phpbb20.php @@ -899,7 +899,6 @@ if (!$get_info) array('user_password', 'users.user_password', 'phpbb_convert_password_hash'), array('user_posts', 'users.user_posts', 'intval'), array('user_email', 'users.user_email', 'strtolower'), - array('user_email_hash', 'users.user_email', 'gen_email_hash'), array('user_birthday', ((defined('MOD_BIRTHDAY')) ? 'users.user_birthday' : ''), 'phpbb_get_birthday'), array('user_lastvisit', 'users.user_lastvisit', 'intval'), array('user_lastmark', 'users.user_lastvisit', 'intval'), diff --git a/phpBB/language/en/cli.php b/phpBB/language/en/cli.php index 505d12e8ff..122010d2cf 100644 --- a/phpBB/language/en/cli.php +++ b/phpBB/language/en/cli.php @@ -78,8 +78,6 @@ $lang = array_merge($lang, array( 'CLI_DESCRIPTION_REPARSER_REPARSE_OPT_RANGE_SIZE' => 'Approximate number of records to process at a time', 'CLI_DESCRIPTION_REPARSER_REPARSE_OPT_RESUME' => 'Start reparsing where the last execution stopped', - 'CLI_DESCRIPTION_RECALCULATE_EMAIL_HASH' => 'Recalculates the user_email_hash column of the users table.', - 'CLI_DESCRIPTION_SET_ATOMIC_CONFIG' => 'Sets a configuration option’s value only if the old matches the current value', 'CLI_DESCRIPTION_SET_CONFIG' => 'Sets a configuration option’s value', @@ -130,7 +128,6 @@ $lang = array_merge($lang, array( 'CLI_EXTENSIONS_ENABLED' => 'Enabled', 'CLI_FIXUP_FIX_LEFT_RIGHT_IDS_SUCCESS' => 'Successfully repaired the tree structure of the forums and modules.', - 'CLI_FIXUP_RECALCULATE_EMAIL_HASH_SUCCESS' => 'Successfully recalculated all email hashes.', 'CLI_FIXUP_UPDATE_HASH_BCRYPT_SUCCESS' => 'Successfully updated outdated password hashes to bcrypt.', 'CLI_MIGRATION_NAME' => 'Migration name, including the namespace (use forward slashes instead of backslashes to avoid problems).', diff --git a/phpBB/phpbb/console/command/fixup/recalculate_email_hash.php b/phpBB/phpbb/console/command/fixup/recalculate_email_hash.php deleted file mode 100644 index 6f7096296d..0000000000 --- a/phpBB/phpbb/console/command/fixup/recalculate_email_hash.php +++ /dev/null @@ -1,76 +0,0 @@ -<?php -/** -* -* This file is part of the phpBB Forum Software package. -* -* @copyright (c) phpBB Limited <https://www.phpbb.com> -* @license GNU General Public License, version 2 (GPL-2.0) -* -* For full copyright and license information, please see -* the docs/CREDITS.txt file. -* -*/ -namespace phpbb\console\command\fixup; - -use Symfony\Component\Console\Input\InputInterface; -use Symfony\Component\Console\Output\OutputInterface; -use Symfony\Component\Console\Style\SymfonyStyle; - -class recalculate_email_hash extends \phpbb\console\command\command -{ - /** @var \phpbb\db\driver\driver_interface */ - protected $db; - - public function __construct(\phpbb\user $user, \phpbb\db\driver\driver_interface $db) - { - $this->db = $db; - - parent::__construct($user); - } - - protected function configure() - { - $this - ->setName('fixup:recalculate-email-hash') - ->setDescription($this->user->lang('CLI_DESCRIPTION_RECALCULATE_EMAIL_HASH')) - ; - } - - protected function execute(InputInterface $input, OutputInterface $output) - { - $io = new SymfonyStyle($input, $output); - - $sql = 'SELECT user_id, user_email, user_email_hash - FROM ' . USERS_TABLE . ' - WHERE user_type <> ' . USER_IGNORE . " - AND user_email <> ''"; - $result = $this->db->sql_query($sql); - - while ($row = $this->db->sql_fetchrow($result)) - { - $user_email_hash = phpbb_email_hash($row['user_email']); - if ($user_email_hash !== $row['user_email_hash']) - { - $sql_ary = array( - 'user_email_hash' => $user_email_hash, - ); - - $sql = 'UPDATE ' . USERS_TABLE . ' - SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . ' - WHERE user_id = ' . (int) $row['user_id']; - $this->db->sql_query($sql); - - if ($output->getVerbosity() >= OutputInterface::VERBOSITY_DEBUG) - { - $io->table( - array('user_id', 'user_email', 'user_email_hash'), - array(array($row['user_id'], $row['user_email'], $user_email_hash)) - ); - } - } - } - $this->db->sql_freeresult($result); - - $io->success($this->user->lang('CLI_FIXUP_RECALCULATE_EMAIL_HASH_SUCCESS')); - } -} diff --git a/phpBB/phpbb/install/module/install_database/task/add_config_settings.php b/phpBB/phpbb/install/module/install_database/task/add_config_settings.php index ba439609ff..91d7884aa4 100644 --- a/phpBB/phpbb/install/module/install_database/task/add_config_settings.php +++ b/phpBB/phpbb/install/module/install_database/task/add_config_settings.php @@ -245,7 +245,6 @@ class add_config_settings extends \phpbb\install\task_base user_lang = '" . $this->db->sql_escape($this->install_config->get('user_language', 'en')) . "', user_email='" . $this->db->sql_escape($this->install_config->get('board_email')) . "', user_dateformat='" . $this->db->sql_escape($this->language->lang('default_dateformat')) . "', - user_email_hash = " . $this->db->sql_escape(phpbb_email_hash($this->install_config->get('board_email'))) . ", username_clean = '" . $this->db->sql_escape(utf8_clean_string($this->install_config->get('admin_name'))) . "' WHERE username = 'Admin'", diff --git a/phpBB/phpbb/ucp/controller/reset_password.php b/phpBB/phpbb/ucp/controller/reset_password.php index 7bd1b20cb3..5c27c4f414 100644 --- a/phpBB/phpbb/ucp/controller/reset_password.php +++ b/phpBB/phpbb/ucp/controller/reset_password.php @@ -173,7 +173,7 @@ class reset_password 'SELECT' => 'user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type,' . ' user_lang, user_inactive_reason, reset_token, reset_token_expiration', 'FROM' => [$this->users_table => 'u'], - 'WHERE' => "user_email_hash = '" . $this->db->sql_escape(phpbb_email_hash($email)) . "'" . + 'WHERE' => "user_email = '" . $this->db->sql_escape($email) . "'" . (!empty($username) ? " AND username_clean = '" . $this->db->sql_escape(utf8_clean_string($username)) . "'" : ''), ]; diff --git a/tests/auth/provider_apache_test.php b/tests/auth/provider_apache_test.php index b1c84d47b6..ebc97c204a 100644 --- a/tests/auth/provider_apache_test.php +++ b/tests/auth/provider_apache_test.php @@ -121,7 +121,6 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case 'user_password' => '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i', 'user_passchg' => '0', 'user_email' => 'example@example.com', - 'user_email_hash' => '0', 'user_birthday' => '', 'user_lastvisit' => '0', 'user_lastmark' => '0', diff --git a/tests/functions/fixtures/validate_email.xml b/tests/functions/fixtures/validate_email.xml index fa139f6f18..f477c265e9 100644 --- a/tests/functions/fixtures/validate_email.xml +++ b/tests/functions/fixtures/validate_email.xml @@ -30,14 +30,12 @@ <column>username_clean</column> <column>user_permissions</column> <column>user_sig</column> - <column>user_email_hash</column> <row> <value>1</value> <value>admin</value> <value>admin</value> <value></value> <value></value> - <value>143317126117</value> </row> </table> </dataset> |