DBVersion000007.class.php (995B)
1 <?php 2 use database\DbVersion; 3 use security\Password; 4 5 /** 6 * Security enhancements. 7 * 8 * @author dankert 9 * 10 */ 11 class DBVersion000007 extends DbVersion 12 { 13 public function update() 14 { 15 $not_nullable = false; 16 $nullable = true; 17 18 $this->addColumn('user','otp_secret' ,OR_DB_COLUMN_TYPE_VARCHAR,255,null,$nullable ); 19 20 $table = $this->getTableName('user'); 21 $db = $this->getDb(); 22 $stmt = $db->sql('SELECT id FROM '.$table); 23 foreach($stmt->getCol() as $userid ) 24 { 25 $secret = Password::randomHexString(64); 26 $stmt = $db->sql('UPDATE '.$table.' SET otp_secret={secret} WHERE id={id}'); 27 $stmt->setString('secret',$secret); 28 $stmt->setInt('id',$userid); 29 $stmt->query(); 30 } 31 32 $this->addColumn('user','totp' ,OR_DB_COLUMN_TYPE_INT , 1, 0,$not_nullable); 33 $this->addColumn('user','hotp_counter',OR_DB_COLUMN_TYPE_INT , 0, 0,$not_nullable); 34 $this->addColumn('user','hotp' ,OR_DB_COLUMN_TYPE_INT , 1, 0,$not_nullable); 35 36 } 37 } 38 39 ?>