--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/install/schemas/upgrade/1.1.5-1.1.6.php Sun Jan 04 00:55:40 2009 -0500
@@ -0,0 +1,35 @@
+<?php
+
+// Migrate passwords to the new encryption scheme
+
+global $db, $session, $paths, $template, $plugins; // Common objects
+require_once(ENANO_ROOT . '/includes/hmac.php');
+
+@set_time_limit(0);
+
+$q = $db->sql_query('UPDATE ' . table_prefix . "users SET old_encryption = 2 WHERE user_id > 1 AND old_encryption = 0;");
+if ( !$q )
+ $db->_die();
+
+$q = $db->sql_query('SELECT user_id, password FROM ' . table_prefix . "users WHERE user_id > 1 AND old_encryption = 2;");
+if ( !$q )
+ $db->_die();
+
+while ( $row = $db->fetchrow($q) )
+{
+ $password = $session->pk_decrypt($row['password']);
+ if ( empty($password) )
+ {
+ global $ui;
+ echo '<p>1.1.5-1.1.6 migration script: ERROR: bad password returned from $session->pk_decrypt()</p>';
+ $ui->show_footer();
+ exit;
+ }
+ $hmac_secret = hexencode(AESCrypt::randkey(20), '', '');
+ $password = hmac_sha1($password, $hmac_secret);
+ $e = $db->sql_query('UPDATE ' . table_prefix . "users SET password = '{$password}', password_salt = '{$hmac_secret}', old_encryption = 0 WHERE user_id = {$row['user_id']};");
+ if ( !$e )
+ $db->_die();
+}
+
+