DBVersion000006.class.php (924B)
1 <?php 2 use database\DbVersion; 3 4 /** 5 * Security enhancements. 6 * 7 * @author dankert 8 * 9 */ 10 class DBVersion000006 extends DbVersion 11 { 12 public function update() 13 { 14 $not_nullable = false; 15 $nullable = true; 16 17 $this->addColumn('user','password_expires',OR_DB_COLUMN_TYPE_INT,0,null,$nullable); 18 19 $this->addColumn('user','last_login' ,OR_DB_COLUMN_TYPE_INT,0,null,$nullable); 20 21 $this->addColumn('user','password_algo' ,OR_DB_COLUMN_TYPE_INT,0,2,$not_nullable); 22 23 // Setting Password algo. Passwords beginning with '$' are (old) MD5-hashes. 24 25 // SUBSTR(s,pos,length) is supported by MySql,Postgres,SQLite 26 // SUBSTRING(s FROM pos FOR length) is NOT supported by SQLite 27 $table = $this->getTableName('user'); 28 $db = $this->getDb(); 29 $updateAlgoStmt = $db->sql('UPDATE '.$table. 30 ' SET password_algo=1 WHERE SUBSTR(password_hash,1,1) = '."'$'".';' 31 ); 32 $updateAlgoStmt->query(); 33 34 } 35 } 36 37 ?>