3 * This script will alter the webcal_user table to allow 32 character passwords
4 * and convert user passwords to PHP md5 passwords.
6 * It is necessary to run this to upgrade to version 0.9.43 from any version.
9 * ** NOTE: This script should only be run ONCE and then be deleted!!
13 /********************************************************************/
15 $includedir = "../includes";
16 include "$includedir/config.php";
17 $includedir = "../includes";
18 include "$includedir/php-dbi.php";
20 $c = dbi_connect ( $db_host, $db_login, $db_password, $db_database );
22 echo "Error connecting to database: " . dbi_error ();
26 // First, look at the passwords. If we find and md5 hash in there,
27 // (it will have 32 chars instead of < 25 like in the old version),
28 // then we know this script was already run.
29 $sql = "SELECT cal_passwd FROM webcal_user";
30 $res = dbi_query ( $sql );
33 if ( $row = dbi_fetch_row ( $res ) ) {
34 if ( strlen ( $row[0] ) > 30 )
37 dbi_free_result ( $res );
39 echo "Database error: " . dbi_error ();
44 echo "Passwords were already converted to md5!\n<br />\n";
48 // See if webcal_user.cal_passwd will allow 32 characters
49 $sql = "DESC webcal_user";
50 $res = dbi_query ( $sql );
51 while ( $row = dbi_fetch_row ( $res ) ) {
52 if ($row[Field] == 'cal_passwd') {
53 preg_match ( "/([0-9]+)/", $row[Type], $match );
55 $sql = "ALTER TABLE webcal_user MODIFY cal_passwd VARCHAR(32) NULL";
56 // Use the following on older MySQL versions
57 //$sql = "ALTER TABLE webcal_user CHANGE cal_passwd cal_passwd VARCHAR(32) NULL";
58 $res = dbi_query ( $sql );
60 echo "Table webcal_user altered to allow 32 character passwords.\n" .
61 "<br />Converting passwords...\n<br /><br />\n";
66 dbi_free_result ( $res );
68 // Convert the passwords
69 $sql = "SELECT cal_login, cal_passwd FROM webcal_user";
70 $res = dbi_query ( $sql );
72 while ( $row = dbi_fetch_row ( $res ) ) {
73 $sql2 = "UPDATE webcal_user SET cal_passwd = '" .
74 md5($row[1]) . "' WHERE cal_login = '".$row[0]."'";
75 $res2 = dbi_query ( $sql2 );
77 echo "Password updated for: ".$row[0]."<br />\n";
79 dbi_free_result ( $res );
80 echo "Finished converting passwords\n<br />\n";
81 echo "<br /><br />\n<h1>DO NOT Run this script again!!!</h1>\n<br />\n";
82 echo '<h1>Delete this script if it ran successfully!!!</h1>';