mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
d8e9af8af8
Database abstraction broken up into controller, connector, query builder, and schema manager, each independently configurable via YAML / Injector Creation of new DBQueryGenerator for database specific generation of SQL Support for parameterised queries, move of code base to use these over escaped conditions Refactor of SQLQuery into separate query classes for each of INSERT UPDATE DELETE and SELECT Support for PDO Installation process upgraded to use new ORM SS_DatabaseException created to handle database errors, maintaining details of raw sql and parameter details for user code designed interested in that data. Renamed DB static methods to conform correctly to naming conventions (e.g. DB::getConn -> DB::get_conn) 3.2 upgrade docs Performance Optimisation and simplification of code to use more concise API API Ability for database adapters to register extensions to ConfigureFromEnv.php
76 lines
2.1 KiB
PHP
76 lines
2.1 KiB
PHP
<?php
|
|
/**
|
|
* Encrypt all passwords
|
|
*
|
|
* Action to encrypt all *clear text* passwords in the database according
|
|
* to the current settings.
|
|
* If the current settings are so that passwords shouldn't be encrypted,
|
|
* an explanation will be printed out.
|
|
*
|
|
* To run this action, the user needs to have administrator rights!
|
|
*
|
|
* @package framework
|
|
* @subpackage tasks
|
|
*/
|
|
class EncryptAllPasswordsTask extends BuildTask {
|
|
protected $title = 'Encrypt all passwords tasks';
|
|
|
|
protected $description = 'Convert all plaintext passwords on the Member table to the default encryption/hashing
|
|
algorithm. Note: This mainly applies to passwords in SilverStripe 2.1 or earlier, passwords in newer versions
|
|
are hashed by default.';
|
|
|
|
public function init() {
|
|
parent::init();
|
|
|
|
if(!Permission::check('ADMIN')) {
|
|
return Security::permissionFailure($this);
|
|
}
|
|
}
|
|
|
|
public function run($request) {
|
|
$algo = Security::config()->password_encryption_algorithm;
|
|
if($algo == 'none') {
|
|
$this->debugMessage('Password encryption disabled');
|
|
return;
|
|
}
|
|
|
|
// Are there members with a clear text password?
|
|
$members = DataObject::get("Member")->where(array(
|
|
'"Member"."PasswordEncryption"' => 'none',
|
|
'"Member"."Password" IS NOT NULL'
|
|
));
|
|
|
|
if(!$members) {
|
|
$this->debugMessage('No passwords to encrypt');
|
|
return;
|
|
}
|
|
|
|
// Encrypt the passwords...
|
|
$this->debugMessage('Encrypting all passwords');
|
|
$this->debugMessage(sprintf(
|
|
'The passwords will be encrypted using the %s algorithm',
|
|
$algo
|
|
));
|
|
|
|
foreach($members as $member) {
|
|
// Force the update of the member record, as new passwords get
|
|
// automatically encrypted according to the settings, this will do all
|
|
// the work for us
|
|
$member->PasswordEncryption = $algo;
|
|
$member->forceChange();
|
|
$member->write();
|
|
|
|
$this->debugMessage(sprintf('Encrypted credentials for member #%d;', $member->ID));
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @todo This should really be taken care of by TestRunner
|
|
*/
|
|
protected function debugMessage($msg) {
|
|
if(class_exists('SapphireTest', false) && !SapphireTest::is_running_test()) {
|
|
Debug::message($msg);
|
|
}
|
|
}
|
|
}
|