diff --git a/database.php b/database.php index 82af82c..9a0ee8c 100644 --- a/database.php +++ b/database.php @@ -145,75 +145,6 @@ class Database } /** - * Check user login credentials for old user accounts. - * This is a temporary function used to login users with the same - * credentials from the previous version of freepost. - * - * How it works: first a user is tested with check_user_credentials(). - * If that fails, this function is called (with the same user/password - * combination). If the password match, it means that's a user logging in - * with the old credentials. What we do then, is to update the database - * with the new password/salt. - * - * @return NULL if bad credentials, otherwise return the user - */ - function check_user_old_credentials ($username, $password) - { - try { - - $this->database->beginTransaction(); - - $user = NULL; - - if (is_null ($this->database)) - return $user; - - // Check if the old credentials are valid - $query = $this->database->prepare ( - 'SELECT * ' . - 'FROM `user`' . - 'WHERE ' . - '`username` = ? AND ' . - '`salt` = "" AND ' . - '`password` = SHA2(?, 512) AND ' . - '`isActive` = 1'); - - $query->execute (array ($username, $password)); - - $user_is_valid = $query->rowCount() > 0; - - /* The old credentials are OK, now we update with a new - * hash/salt to update users with the new freepost! - */ - if ($user_is_valid) - { - // Create a salt for user password - $salt = self::get_random_string (16); - - $query = $this->database->prepare ( - 'UPDATE `user`' . - 'SET `password` = SHA2(?, 512), `salt` = ? ' . - 'WHERE `username` = ?'); - - $query->execute (array ($password . $salt, $salt, $username)); - - $user = self::get_user ($username); - } - - $this->database->commit (); - - return $user; - - } catch(PDOException $ex) { - - $this->database->rollBack(); - - return NULL; - - } - } - - /** * Retrieve a post */ function get_post ($hash_id)