/***************************************************************************
- * Copyright (C) 2005-2014 by the Quassel Project *
+ * Copyright (C) 2005-2015 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
return false;
break;
}
+
+ // Set the PostgreSQL session timezone to UTC, since we want timestamps stored in UTC
+ QSqlQuery tzQuery = db.exec("SET timezone = 'UTC'");
+ if (tzQuery.lastError().isValid()) {
+ quError() << "Failed to set timezone to UTC!";
+ return false;
+ }
+
return true;
}
QSqlQuery query(logDb());
query.prepare(queryString("insert_quasseluser"));
query.bindValue(":username", user);
- query.bindValue(":password", cryptedPassword(password));
+ query.bindValue(":password", hashPassword(password));
+ query.bindValue(":hashversion", Storage::HashVersion::Latest);
safeExec(query);
if (!watchQuery(query))
return 0;
QSqlQuery query(logDb());
query.prepare(queryString("update_userpassword"));
query.bindValue(":userid", user.toInt());
- query.bindValue(":password", cryptedPassword(password));
+ query.bindValue(":password", hashPassword(password));
+ query.bindValue(":hashversion", Storage::HashVersion::Latest);
safeExec(query);
watchQuery(query);
return query.numRowsAffected() != 0;
QSqlQuery query(logDb());
query.prepare(queryString("select_authuser"));
query.bindValue(":username", user);
- query.bindValue(":password", cryptedPassword(password));
safeExec(query);
watchQuery(query);
- if (query.first()) {
+ if (query.first() && checkHashedPassword(query.value(0).toInt(), password, query.value(1).toString(), static_cast<Storage::HashVersion>(query.value(2).toInt()))) {
return query.value(0).toInt();
}
else {
if (addSenderQuery.lastError().isValid()) {
rollbackSavePoint("sender_sp1", db);
- getSenderIdQuery.prepare(getSenderIdQuery.lastQuery());
- safeExec(getSenderIdQuery);
+ getSenderIdQuery = executePreparedQuery("select_senderid", msg.sender(), db);
watchQuery(getSenderIdQuery);
getSenderIdQuery.first();
senderId = getSenderIdQuery.value(0).toInt();
if (addSenderQuery.lastError().isValid()) {
// seems it was inserted meanwhile... by a different thread
rollbackSavePoint("sender_sp", db);
- selectSenderQuery.prepare(selectSenderQuery.lastQuery());
- safeExec(selectSenderQuery);
+ selectSenderQuery = executePreparedQuery("select_senderid", sender, db);
watchQuery(selectSenderQuery);
selectSenderQuery.first();
senderIdList << selectSenderQuery.value(0).toInt();