/***************************************************************************
- * Copyright (C) 2005-2013 by the Quassel Project *
+ * Copyright (C) 2005-2015 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
QSqlQuery query(db);
query.prepare(queryString("insert_quasseluser"));
query.bindValue(":username", user);
- query.bindValue(":password", cryptedPassword(password));
+ query.bindValue(":password", hashPassword(password));
+ query.bindValue(":hashversion", Storage::HashVersion::Latest);
lockForWrite();
safeExec(query);
if (query.lastError().isValid() && query.lastError().number() == 19) { // user already exists - sadly 19 seems to be the general constraint violation error...
QSqlQuery query(db);
query.prepare(queryString("update_userpassword"));
query.bindValue(":userid", user.toInt());
- query.bindValue(":password", cryptedPassword(password));
+ query.bindValue(":password", hashPassword(password));
+ query.bindValue(":hashversion", Storage::HashVersion::Latest);
lockForWrite();
safeExec(query);
success = query.numRowsAffected() != 0;
UserId SqliteStorage::validateUser(const QString &user, const QString &password)
{
UserId userId;
+ QString hashedPassword;
+ Storage::HashVersion hashVersion;
{
QSqlQuery query(logDb());
query.prepare(queryString("select_authuser"));
query.bindValue(":username", user);
- query.bindValue(":password", cryptedPassword(password));
lockForRead();
safeExec(query);
if (query.first()) {
userId = query.value(0).toInt();
+ hashedPassword = query.value(1).toString();
+ hashVersion = static_cast<Storage::HashVersion>(query.value(2).toInt());
}
}
unlock();
- return userId;
+ UserId returnUserId;
+ if (userId != 0 && checkHashedPassword(userId, password, hashedPassword, hashVersion)) {
+ returnUserId = userId;
+ }
+ return returnUserId;
}
net.networkId = networksQuery.value(0).toInt();
net.networkName = networksQuery.value(1).toString();
net.identity = networksQuery.value(2).toInt();
- net.codecForServer = networksQuery.value(3).toString().toAscii();
- net.codecForEncoding = networksQuery.value(4).toString().toAscii();
- net.codecForDecoding = networksQuery.value(5).toString().toAscii();
+ net.codecForServer = networksQuery.value(3).toString().toLatin1();
+ net.codecForEncoding = networksQuery.value(4).toString().toLatin1();
+ net.codecForDecoding = networksQuery.value(5).toString().toLatin1();
net.useRandomServer = networksQuery.value(6).toInt() == 1 ? true : false;
net.perform = networksQuery.value(7).toString().split("\n");
net.useAutoIdentify = networksQuery.value(8).toInt() == 1 ? true : false;
qCritical() << " bound Values:";
QList<QVariant> list = query.boundValues().values();
for (int i = 0; i < list.size(); ++i)
- qCritical() << i << ":" << list.at(i).toString().toAscii().data();
+ qCritical() << i << ":" << list.at(i).toString().toLatin1().data();
Q_ASSERT(false);
}
}