}
function update_1244() {
+ // Sets legacy_password for all legacy hashes
+ dba::update('user', ['legacy_password' => true], ['SUBSTR(password, 1, 4) != "$2y$"']);
+
// All legacy hashes are re-hashed using the new secure hashing function
- $stmt = dba::select('user', ['uid', 'password'], ['password NOT LIKE "$%"']);
- while ($user = dba::fetch($stmt)) {
+ $stmt = dba::select('user', ['uid', 'password'], ['legacy_password' => true]);
+ while($user = dba::fetch($stmt)) {
dba::update('user', ['password' => User::hashPassword($user['password'])], ['uid' => $user['uid']]);
}