My favorites | Sign in
Project Home Downloads Wiki Issues Source
READ-ONLY: This project has been archived. For more information see this post.
Search
for
  Advanced search   Search tips   Subscriptions

Issue 200 attachment: mysql.py.diff (6.2 KB)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
11a12,14
> import string
> import random
> import hashlib
49c52
< self.db_ping()
---
> self.db_ping()
51c54
< c.execute("SELECT username,password,UNHEX(encryptedpassword) FROM register WHERE owner = '%s'" % jabberID)
---
> c.execute("SELECT salt FROM register WHERE owner = '%s'" % (jabberID))
54,56c57,61
< (username,password,encpass) = ret
< if encpass:
< return (username,encpass)
---
> salt = ret[0]
> self.db_ping()
> ic=self.db.cursor()
> if salt == '':
> ic.execute("SELECT username,password FROM register WHERE owner = '%s'" % jabberID)
57a63,67
> ic.execute("SELECT username,AES_DECRYPT(UNHEX(password),'%s') FROM register WHERE owner = '%s'" % (hashlib.sha1(config.xdbDriver_mysql["password"] + salt).hexdigest(), jabberID))
>
> iret = ic.fetchone()
> if iret:
> (username,password) = iret
58a69,71
> else:
> return None
>
81,82c94,101
< if config.xdbDriver_mysql.get("format","") == "encrypted":
< c.execute("INSERT INTO register(owner,username,encryptedpassword) VALUES('%s','%s',HEX('%s'))" % (jabberID, username, password))
---
> if config.xdbDriver_mysql.get("format","") == "encrypted":
> """ Creates Random Seed """
> randomSeed=random.SystemRandom()
> salt = ''
> for x in randomSeed.sample(string.letters + string.digits, 6):
> salt += x
>
> c.execute("INSERT INTO register(owner,username,password,salt) VALUES('%s','%s',HEX(AES_ENCRYPT('%s','%s')),'%s')" % (jabberID, username, password, hashlib.sha1(config.xdbDriver_mysql["password"] + salt).hexdigest(), salt))
84c103
< c.execute("INSERT INTO register(owner,username,password) VALUES('%s','%s','%s')" % (jabberID, username, password))
---
> c.execute("INSERT INTO register(owner,username,password,salt) VALUES('%s','%s','%s','')" % (jabberID, username, password))
89a109,110
> c.execute("DELETE FROM settings USING settings, register WHERE settings.ownerID = register.id AND register.owner = '%s'" % jabberID)
> c.execute("DELETE FROM list_attributes USING list_attributes, register WHERE list_attributes.ownerID = register.id AND register.owner = '%s'" % jabberID)
91,93d111
< c.execute("DELETE FROM settings WHERE owner = '%s'" % jabberID)
< c.execute("DELETE FROM lists WHERE owner = '%s'" % jabberID)
< c.execute("DELETE FROM list_attributes WHERE owner = '%s'" % jabberID)
99c117
< c.execute("SELECT variable,value FROM settings WHERE owner = '%s'" % (jabberID))
---
> c.execute("SELECT settings.variable,settings.value FROM settings, register WHERE settings.ownerID = register.id AND register.owner = '%s'" % (jabberID))
113c131
< c.execute("SELECT value FROM settings WHERE owner = '%s' AND variable = '%s'" % (jabberID, variable))
---
> c.execute("SELECT settings.value FROM settings, register WHERE settings.ownerID = register.id AND register.owner = '%s' AND settings.variable = '%s'" % (jabberID, variable))
125,127c143,145
< c.execute("DELETE FROM settings WHERE owner = '%s' AND variable = '%s'" % (jabberID, variable))
< c.execute("INSERT INTO settings(owner,variable,value) VALUES('%s','%s','%s')" % (jabberID, variable, value))
<
---
> c.execute("DELETE FROM settings USING settings, register WHERE settings.ownerID = register.id AND register.owner = '%s' AND settings.variable = '%s'" % (jabberID, variable))
> c.execute("INSERT INTO settings(ownerID,variable,value) VALUES((SELECT id FROM register WHERE owner = '%s'),'%s','%s')" % (jabberID, variable, value))
>
134c152
< c.execute("SELECT attribute,value FROM list_attributes WHERE owner = '%s' AND type = '%s' AND jid = '%s'" % (jabberID, type, legacyID))
---
> c.execute("SELECT list_attributes.attribute, list_attributes.value FROM list_attributes, register WHERE list_attributes.ownerID = register.id AND register.owner = '%s' AND list_attributes.type = '%s' AND list_attributes.jid = '%s'" % (jabberID, type, legacyID))
148c166
< c.execute("SELECT type FROM lists WHERE owner = '%s'" % (jabberID))
---
> c.execute("SELECT list_attributes.type FROM list_attributes, register WHERE list_attributes.ownerID = register.id AND register.owner = '%s'" % (jabberID))
163c181
< c.execute("SELECT jid FROM lists WHERE owner = '%s' AND type = '%s'" % (jabberID, type))
---
> c.execute("SELECT list_attributes.jid FROM list_attributes, register WHERE list_attributes.ownerID = register.id AND register.owner = '%s' AND list_attributes.type = '%s'" % (jabberID, type))
172c190
< ic.execute("SELECT attribute,value FROM list_attributes WHERE owner = '%s' AND type = '%s' AND jid = '%s'" % (jabberID, type, jid))
---
> ic.execute("SELECT list_attributes.attribute, list_attributes.value FROM list_attributes, register WHERE list_attributes.ownerID = register.id AND register.owner = '%s' AND list_attributes.type = '%s' AND list_attributes.jid = '%s'" % (jabberID, type, jid))
187,189c205
< c.execute("DELETE FROM lists WHERE owner = '%s' AND type = '%s' AND jid = '%s'" % (jabberID, type, legacyID))
< c.execute("DELETE FROM list_attributes WHERE owner = '%s' AND type = '%s' AND jid = '%s'" % (jabberID, type, legacyID))
< c.execute("INSERT INTO lists(owner,type,jid) VALUES('%s','%s','%s')" % (jabberID, type, legacyID))
---
> c.execute("DELETE FROM list_attributes USING list_attributes, register WHERE list_attributes.ownerID = register.id AND register.owner = '%s' AND list_attributes.type = '%s' AND list_attributes.jid = '%s'" % (jabberID, type, legacyID))
191c207
< c.execute("INSERT INTO list_attributes(owner,type,jid,attribute,value) VALUES('%s','%s','%s','%s','%s')" % (jabberID, type, legacyID, p, payload[p].replace("'", "\\'")))
---
> c.execute("INSERT INTO list_attributes(ownerID,type,jid,attribute,value) VALUES((SELECT id FROM register WHERE owner = '%s'),'%s','%s','%s','%s')" % (jabberID, type, legacyID, p, payload[p].replace("'", "\\'")))
198,199c214
< c.execute("DELETE FROM lists WHERE owner = '%s' AND type = '%s' AND jid = '%s'" % (jabberID, type, legacyID))
< c.execute("DELETE FROM list_attributes WHERE owner = '%s' AND type = '%s' AND jid = '%s'" % (jabberID, type, legacyID))
---
> c.execute("DELETE FROM list_attributes USING list_attributes, register WHERE list_attributes.ownerID = register.id AND register.owner = '%s' AND list_attributes.type = '%s' AND list_attributes.jid = '%s'" % (jabberID, type, legacyID))
Powered by Google Project Hosting