Add database update function to use new hashes

diff --git a/update.php b/update.php
index 3cfc39e192e89576e5527b520c746a8f4f70de85..00b8d890ecda5f1eba05c80073297bdfb6f621bd 100644 (file)
--- a/update.php
+++ b/update.php
@@ -5,8 +5,7 @@ use Friendica\Core\Config;
 use Friendica\Core\PConfig;
 use Friendica\Core\Worker;
 use Friendica\Database\DBM;
-use Friendica\Model\Photo;
-use Friendica\Object\Image;
+use Friendica\Model\User;
 
 /**
  *
@@ -146,3 +145,19 @@ function update_1203() {
        $r = q("UPDATE `user` SET `account-type` = %d WHERE `page-flags` IN (%d, %d)",
                dbesc(ACCOUNT_TYPE_COMMUNITY), dbesc(PAGE_COMMUNITY), dbesc(PAGE_PRVGROUP));
 }
+
+function update_1244() {
+       // Sets legacy_password for all legacy hashes
+       dba::update('user', ['legacy_password' => true], ['SUBSTR(password, 1, 4) != "$2y$"']);
+
+       // All legacy hashes are re-hashed using the new secure hashing function
+       $stmt = dba::select('user', ['uid', 'password'], ['legacy_password' => true]);
+       while($user = dba::fetch($stmt)) {
+               dba::update('user', ['password' => User::hashPassword($user['password'])], ['uid' => $user['uid']]);
+       }
+
+       // Logged in users are forcibly logged out
+       dba::delete('session', ['1 = 1']);
+
+       return UPDATE_SUCCESS;
+}