diff options
| author | Camil Staps | 2016-07-26 00:16:17 +0200 |
|---|---|---|
| committer | Camil Staps | 2016-07-26 00:17:07 +0200 |
| commit | 93b405ab9f69538546165c75a301c0c57a5359cf (patch) | |
| tree | 7fab746b7fadcd26d012255b7bfad65a5b14ef61 /install | |
| parent | Update makefile for d9936a9 (diff) | |
User authentication mechanism
Diffstat (limited to 'install')
| -rw-r--r-- | install/index.php | 19 | ||||
| -rw-r--r-- | install/upgrade.php | 13 |
2 files changed, 32 insertions, 0 deletions
diff --git a/install/index.php b/install/index.php index 6c57769..41fb450 100644 --- a/install/index.php +++ b/install/index.php @@ -89,6 +89,13 @@ if (isset($_GET['create_tables'])) { KEY `contactId_2` (`contactId`), KEY `invoice_fileId_2` (`invoice_fileId`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1"); + + $_pdo->query("CREATE TABLE IF NOT EXISTS `".constants::db_prefix."user` ( + `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT, + `username` varchar(24) NOT NULL, + `password` varchar(255) NOT NULL, + PRIMARY KEY (`id`) + ) ENGINE=InnoDB DEFAULT CHARSET=latin1;"); $_pdo->query("ALTER TABLE `".constants::db_prefix."assignment` ADD CONSTRAINT `assignment_ibfk_1` FOREIGN KEY (`offerId`) REFERENCES `".constants::db_prefix."offer` (`id`)"); @@ -120,6 +127,17 @@ if (isset($_GET['create_folders'])) { echo "Creating folder `" . constants::files_folder_trash . "` failed.<br/>"; } } + +if (isset($_GET['password_cost'])) { + $target = 1; + $start = $end = 0; + for ($cost = 10; $end - $start < $target; $cost++) { + $start = microtime(true); + user::hash('test', $cost); + $end = microtime(true); + } + echo "Password cost suggestion: $cost.<br/>You can set this in classes/constants.php."; +} ?> <hr/> @@ -129,6 +147,7 @@ if (isset($_GET['create_folders'])) { <ol> <li><a href="?create_tables">Create database tables</a></li> <li><a href="?create_folders">Create folders</a></li> + <li><a href="?password_cost">Finding a good password cost</a></li> </ol> <p>When you're done, it would be the neatest to remove the /install folder (even though this whole control panel should not be accessible for the public).</p> diff --git a/install/upgrade.php b/install/upgrade.php index 04cc03a..e145ba7 100644 --- a/install/upgrade.php +++ b/install/upgrade.php @@ -73,6 +73,19 @@ if (isset($_GET['upgrade'])) { } } + if (lower_version($_GET['upgrade'], '0.4')) { + try { + $_pdo->query("CREATE TABLE IF NOT EXISTS `".constants::db_prefix."user` ( + `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT, + `username` varchar(24) NOT NULL, + `password` varchar(255) NOT NULL, + PRIMARY KEY (`id`) + ) ENGINE=InnoDB DEFAULT CHARSET=latin1;"); + } catch (PDOException $e) { + echo "Altering the database structure failed with a PDOException ({$e->getCode()}): {$e->getMessage()}<br/>" . $e->getTraceAsString(); + } + } + echo "<br/>All done."; } ?> |