ENH: refs #952. Further support upgrade process for 3.2.12.

Michael Grauer · Michael Grauer · commit a1fe64c2127f · 2013-03-13T17:12:30.000-04:00
This fixes a case that would fail if the admin user is logged out, then pulls
the latest commit, then tries to login with the remerber me checked.
diff --git a/core/AppController.php b/core/AppController.php
@@ -108,11 +108,23 @@ public function preDispatch()
           if(count($tmp) == 2)
             {
             $userDao = $userModel->load($tmp[0]);
-
-            if(version_compare(Zend_Registry::get('configDatabase')->version, '3.2.12', '>=') &&
-               $userDao != false && $userModel->hashExists($tmp[1]))
+            if($userDao != false)
               {
-              $user->Dao = $userDao;
+              // authenticate valid users in the appropriate method for the
+              // current application version
+              if(version_compare(Zend_Registry::get('configDatabase')->version, '3.2.12', '>='))
+                {
+                $auth = $userModel->hashExists($tmp[1]);
+                }
+              else
+                {
+                $auth = $this->User->legacyAuthenticate($userDao, '', '', $tmp[1]);
+                }
+              // if authenticated, set the session user to be this user
+              if($auth)
+                {
+                $user->Dao = $userDao;
+                }
               }
             }
           }
diff --git a/core/controllers/UserController.php b/core/controllers/UserController.php
@@ -476,6 +476,7 @@ function loginAction()
           }
         else
           {
+          $passwordHash = md5($instanceSalt.$form->getValue('password'));
           $coreAuth = $this->User->legacyAuthenticate($userDao, $instanceSalt, $form->getValue('password'));
           }
 
@@ -490,10 +491,6 @@ function loginAction()
               return;
               }
             }
-          if(version_compare($currentVersion, '3.2.12', '>=') && $userDao->getSalt() == '')
-            {
-            $passwordHash = $this->User->convertLegacyPasswordHash($userDao, $form->getValue('password'));
-            }
           $remember = $form->getValue('remerberMe');
           if(isset($remember) && $remember == 1)
             {
diff --git a/core/models/pdo/UserModel.php b/core/models/pdo/UserModel.php
@@ -312,9 +312,12 @@ function getUsersFromSearch($search, $userDao, $limit = 14, $group = true, $orde
    * used during the upgrade process only, not for general authentication.
    * @return True or false: whether the authentication succeeded
    */
-  function legacyAuthenticate($userDao, $instanceSalt, $password)
+  function legacyAuthenticate($userDao, $instanceSalt, $password, $hash = false)
     {
-    $hash = md5($instanceSalt.$password);
+    if(!$hash)
+      {
+      $hash = md5($instanceSalt.$password);
+      }
     $sql = $this->database->select()->setIntegrityCheck(false)
                 ->where('user_id = ?', $userDao->getKey());
 

Original file line number	Diff line number	Diff line change
`@@ -108,11 +108,23 @@ public function preDispatch()`
`108`	`108`	`if(count($tmp) == 2)`
`109`	`109`	`{`
`110`	`110`	`$userDao = $userModel->load($tmp[0]);`
`111`		`-`
`112`		`- if(version_compare(Zend_Registry::get('configDatabase')->version, '3.2.12', '>=') &&`
`113`		`- $userDao != false && $userModel->hashExists($tmp[1]))`
	`111`	`+ if($userDao != false)`
`114`	`112`	`{`
`115`		`- $user->Dao = $userDao;`
	`113`	`+ // authenticate valid users in the appropriate method for the`
	`114`	`+ // current application version`
	`115`	`+ if(version_compare(Zend_Registry::get('configDatabase')->version, '3.2.12', '>='))`
	`116`	`+ {`
	`117`	`+ $auth = $userModel->hashExists($tmp[1]);`
	`118`	`+ }`
	`119`	`+ else`
	`120`	`+ {`
	`121`	`+ $auth = $this->User->legacyAuthenticate($userDao, '', '', $tmp[1]);`
	`122`	`+ }`
	`123`	`+ // if authenticated, set the session user to be this user`
	`124`	`+ if($auth)`
	`125`	`+ {`
	`126`	`+ $user->Dao = $userDao;`
	`127`	`+ }`
`116`	`128`	`}`
`117`	`129`	`}`
`118`	`130`	`}`
Original file line number	Diff line number	Diff line change
`@@ -476,6 +476,7 @@ function loginAction()`
`476`	`476`	`}`
`477`	`477`	`else`
`478`	`478`	`{`
	`479`	`+ $passwordHash = md5($instanceSalt.$form->getValue('password'));`
`479`	`480`	`$coreAuth = $this->User->legacyAuthenticate($userDao, $instanceSalt, $form->getValue('password'));`
`480`	`481`	`}`
`481`	`482`
`@@ -490,10 +491,6 @@ function loginAction()`
`490`	`491`	`return;`
`491`	`492`	`}`
`492`	`493`	`}`
`493`		`- if(version_compare($currentVersion, '3.2.12', '>=') && $userDao->getSalt() == '')`
`494`		`- {`
`495`		`- $passwordHash = $this->User->convertLegacyPasswordHash($userDao, $form->getValue('password'));`
`496`		`- }`
`497`	`494`	`$remember = $form->getValue('remerberMe');`
`498`	`495`	`if(isset($remember) && $remember == 1)`
`499`	`496`	`{`