function password_policy_update_7204 in Password Policy 7.2
Convert any D6 password hashes in history to D7 format.
This may be a lengthy process, and is performed batch-wise.
Code mostly copied from user_update_7000(), which updates user password hashes upon D6 -> D7 migration.
See also
File
- ./
password_policy.install, line 250 - Install functions for Password Policy module.
Code
function password_policy_update_7204(&$sandbox) {
// Ignore Coder warning to minimize differences versus user_update_7000().
// @ignore sniffer_commenting_inlinecomment_spacingbefore:function
// @codingStandardsIgnoreStart
$sandbox['#finished'] = 0;
// Multi-part update.
if (!isset($sandbox['password_from'])) {
$sandbox['password_from'] = 0;
$sandbox['password_count'] = db_query('SELECT COUNT(hid) FROM {password_policy_history}')
->fetchField();
}
else {
require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
// Hash again all current hashed passwords.
$has_rows = FALSE;
// Update this many per page load.
$count = 1000;
$result = db_query_range('SELECT hid, pass FROM {password_policy_history} ORDER BY hid', $sandbox['password_from'], $count);
foreach ($result as $row) {
$has_rows = TRUE;
// If the $row->pass value is not a MD5 hash (a 32 character
// hexadecimal string) then skip it.
if (!preg_match('/^[0-9a-f]{32}$/', $row->pass)) {
continue;
}
$new_hash = user_hash_password($row->pass);
if ($new_hash) {
// Indicate an updated password.
$new_hash = 'U' . $new_hash;
db_update('password_policy_history')
->fields(array(
'pass' => $new_hash,
))
->condition('hid', $row->hid)
->execute();
}
}
$sandbox['#finished'] = $sandbox['password_count'] == 0 ? 1 : $sandbox['password_from'] / $sandbox['password_count'];
$sandbox['password_from'] += $count;
if (!$has_rows) {
$sandbox['#finished'] = 1;
return t('User passwords in Password Policy history rehashed to improve security');
}
}
// @codingStandardsIgnoreEnd
}