return false;
break;
}
+
+ // Set the PostgreSQL session timezone to UTC, since we want timestamps stored in UTC
+ QSqlQuery tzQuery = db.exec("SET timezone = 'UTC'");
+ if (tzQuery.lastError().isValid()) {
+ quError() << "Failed to set timezone to UTC!";
+ return false;
+ }
+
return true;
}
QSqlQuery query(logDb());
query.prepare(queryString("insert_quasseluser"));
query.bindValue(":username", user);
- query.bindValue(":password", cryptedPassword(password));
+ query.bindValue(":password", hashPassword(password));
+ query.bindValue(":hashversion", Storage::HashVersion::Latest);
safeExec(query);
if (!watchQuery(query))
return 0;
QSqlQuery query(logDb());
query.prepare(queryString("update_userpassword"));
query.bindValue(":userid", user.toInt());
- query.bindValue(":password", cryptedPassword(password));
+ query.bindValue(":password", hashPassword(password));
+ query.bindValue(":hashversion", Storage::HashVersion::Latest);
safeExec(query);
watchQuery(query);
return query.numRowsAffected() != 0;
QSqlQuery query(logDb());
query.prepare(queryString("select_authuser"));
query.bindValue(":username", user);
- query.bindValue(":password", cryptedPassword(password));
safeExec(query);
watchQuery(query);
- if (query.first()) {
+ if (query.first() && checkHashedPassword(query.value(0).toInt(), password, query.value(1).toString(), static_cast<Storage::HashVersion>(query.value(2).toInt()))) {
return query.value(0).toInt();
}
else {
QSqlQuery query(logDb());
query.prepare(queryString("update_buffer_persistent_channel"));
query.bindValue(":userid", user.toInt());
- query.bindValue(":networkId", networkId.toInt());
+ query.bindValue(":networkid", networkId.toInt());
query.bindValue(":buffercname", channel.toLower());
query.bindValue(":joined", isJoined);
safeExec(query);
QSqlQuery query(logDb());
query.prepare(queryString("update_buffer_set_channel_key"));
query.bindValue(":userid", user.toInt());
- query.bindValue(":networkId", networkId.toInt());
+ query.bindValue(":networkid", networkId.toInt());
query.bindValue(":buffercname", channel.toLower());
query.bindValue(":key", key);
safeExec(query);
if (addSenderQuery.lastError().isValid()) {
rollbackSavePoint("sender_sp1", db);
- getSenderIdQuery.prepare(getSenderIdQuery.lastQuery());
- safeExec(getSenderIdQuery);
+ getSenderIdQuery = executePreparedQuery("select_senderid", msg.sender(), db);
watchQuery(getSenderIdQuery);
getSenderIdQuery.first();
senderId = getSenderIdQuery.value(0).toInt();
if (addSenderQuery.lastError().isValid()) {
// seems it was inserted meanwhile... by a different thread
rollbackSavePoint("sender_sp", db);
- selectSenderQuery.prepare(selectSenderQuery.lastQuery());
- safeExec(selectSenderQuery);
+ selectSenderQuery = executePreparedQuery("select_senderid", sender, db);
watchQuery(selectSenderQuery);
selectSenderQuery.first();
senderIdList << selectSenderQuery.value(0).toInt();
bindValue(0, user.id.toInt());
bindValue(1, user.username);
bindValue(2, user.password);
+ bindValue(3, user.hashversion);
return exec();
}
<< Sequence("quasseluser", "userid")
<< Sequence("sender", "senderid");
QList<Sequence>::const_iterator iter;
- for (iter = sequences.constBegin(); iter != sequences.constEnd(); iter++) {
+ for (iter = sequences.constBegin(); iter != sequences.constEnd(); ++iter) {
resetQuery();
newQuery(QString("SELECT setval('%1_%2_seq', max(%2)) FROM %1").arg(iter->table, iter->field), db);
if (!exec())