X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fpostgresqlstorage.cpp;h=68cf25449d55a3f16d8d9362bb37a9c5b2eea15b;hp=31f22b9de5c508ba99822d09e6dec61d5154327c;hb=9a440b6a972595bc556f34504cdbb3ea56ca53fd;hpb=f11377872cde42c47b3354b8e660cb2025ceffd8

diff --git a/src/core/postgresqlstorage.cpp b/src/core/postgresqlstorage.cpp
index 31f22b9d..68cf2544 100644
--- a/src/core/postgresqlstorage.cpp
+++ b/src/core/postgresqlstorage.cpp
@@ -1,5 +1,5 @@
 /***************************************************************************
- *   Copyright (C) 2005-2014 by the Quassel Project                        *
+ *   Copyright (C) 2005-2015 by the Quassel Project                        *
  *   devel@quassel-irc.org                                                 *
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
@@ -136,6 +136,14 @@ bool PostgreSqlStorage::initDbSession(QSqlDatabase &db)
         return false;
         break;
     }
+
+    // Set the PostgreSQL session timezone to UTC, since we want timestamps stored in UTC
+    QSqlQuery tzQuery = db.exec("SET timezone = 'UTC'");
+    if (tzQuery.lastError().isValid()) {
+        quError() << "Failed to set timezone to UTC!";
+        return false;
+    }
+
     return true;
 }
 
@@ -207,7 +215,8 @@ UserId PostgreSqlStorage::addUser(const QString &user, const QString &password)
     QSqlQuery query(logDb());
     query.prepare(queryString("insert_quasseluser"));
     query.bindValue(":username", user);
-    query.bindValue(":password", cryptedPassword(password));
+    query.bindValue(":password", hashPassword(password));
+    query.bindValue(":hashversion", Storage::HashVersion::Latest);
     safeExec(query);
     if (!watchQuery(query))
         return 0;
@@ -224,7 +233,8 @@ bool PostgreSqlStorage::updateUser(UserId user, const QString &password)
     QSqlQuery query(logDb());
     query.prepare(queryString("update_userpassword"));
     query.bindValue(":userid", user.toInt());
-    query.bindValue(":password", cryptedPassword(password));
+    query.bindValue(":password", hashPassword(password));
+    query.bindValue(":hashversion", Storage::HashVersion::Latest);
     safeExec(query);
     watchQuery(query);
     return query.numRowsAffected() != 0;
@@ -248,11 +258,10 @@ UserId PostgreSqlStorage::validateUser(const QString &user, const QString &passw
     QSqlQuery query(logDb());
     query.prepare(queryString("select_authuser"));
     query.bindValue(":username", user);
-    query.bindValue(":password", cryptedPassword(password));
     safeExec(query);
     watchQuery(query);
 
-    if (query.first()) {
+    if (query.first() && checkHashedPassword(query.value(0).toInt(), password, query.value(1).toString(), static_cast<Storage::HashVersion>(query.value(2).toInt()))) {
         return query.value(0).toInt();
     }
     else {