X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fpostgresqlstorage.cpp;h=e7a71e7bc6ccaf1783f2b7c02a444badfeebc665;hp=11adb1dda4a20e7057427297e1f30b04d5ac3eed;hb=56d25331d61b4b24a2805f1cf16e68f722fdaf73;hpb=695758015a80eb8c158a9ac4c0f1c0b547e70df3 diff --git a/src/core/postgresqlstorage.cpp b/src/core/postgresqlstorage.cpp index 11adb1dd..e7a71e7b 100644 --- a/src/core/postgresqlstorage.cpp +++ b/src/core/postgresqlstorage.cpp @@ -136,6 +136,14 @@ bool PostgreSqlStorage::initDbSession(QSqlDatabase &db) return false; break; } + + // Set the PostgreSQL session timezone to UTC, since we want timestamps stored in UTC + QSqlQuery tzQuery = db.exec("SET timezone = 'UTC'"); + if (tzQuery.lastError().isValid()) { + quError() << "Failed to set timezone to UTC!"; + return false; + } + return true; } @@ -207,7 +215,8 @@ UserId PostgreSqlStorage::addUser(const QString &user, const QString &password) QSqlQuery query(logDb()); query.prepare(queryString("insert_quasseluser")); query.bindValue(":username", user); - query.bindValue(":password", cryptedPassword(password)); + query.bindValue(":password", hashPassword(password)); + query.bindValue(":hashversion", Storage::HashVersion::Latest); safeExec(query); if (!watchQuery(query)) return 0; @@ -224,7 +233,8 @@ bool PostgreSqlStorage::updateUser(UserId user, const QString &password) QSqlQuery query(logDb()); query.prepare(queryString("update_userpassword")); query.bindValue(":userid", user.toInt()); - query.bindValue(":password", cryptedPassword(password)); + query.bindValue(":password", hashPassword(password)); + query.bindValue(":hashversion", Storage::HashVersion::Latest); safeExec(query); watchQuery(query); return query.numRowsAffected() != 0; @@ -248,11 +258,10 @@ UserId PostgreSqlStorage::validateUser(const QString &user, const QString &passw QSqlQuery query(logDb()); query.prepare(queryString("select_authuser")); query.bindValue(":username", user); - query.bindValue(":password", cryptedPassword(password)); safeExec(query); watchQuery(query); - if (query.first()) { + if (query.first() && checkHashedPassword(query.value(0).toInt(), password, query.value(1).toString(), static_cast(query.value(2).toInt()))) { return query.value(0).toInt(); } else { @@ -1372,8 +1381,7 @@ bool PostgreSqlStorage::logMessage(Message &msg) if (addSenderQuery.lastError().isValid()) { rollbackSavePoint("sender_sp1", db); - getSenderIdQuery.prepare(getSenderIdQuery.lastQuery()); - safeExec(getSenderIdQuery); + getSenderIdQuery = executePreparedQuery("select_senderid", msg.sender(), db); watchQuery(getSenderIdQuery); getSenderIdQuery.first(); senderId = getSenderIdQuery.value(0).toInt(); @@ -1443,8 +1451,7 @@ bool PostgreSqlStorage::logMessages(MessageList &msgs) if (addSenderQuery.lastError().isValid()) { // seems it was inserted meanwhile... by a different thread rollbackSavePoint("sender_sp", db); - selectSenderQuery.prepare(selectSenderQuery.lastQuery()); - safeExec(selectSenderQuery); + selectSenderQuery = executePreparedQuery("select_senderid", sender, db); watchQuery(selectSenderQuery); selectSenderQuery.first(); senderIdList << selectSenderQuery.value(0).toInt();