1 files changed, 21 insertions, 0 deletions

diff --git a/install/upgrade.php b/install/upgrade.php
index 8ead230..db0c913 100644
--- a/install/upgrade.php
+++ b/install/upgrade.php
@@ -31,6 +31,8 @@ function lower_version($that, $new) {
 	for ($i = 0; $i < count($new); $i++) {
 		if ($new[$i] > $that[$i]) {
 			return true;
+		} elseif ($new[$i] < $that[$i]) {
+			return false;
 		}
 	}
 	return false;
@@ -111,15 +113,34 @@ if (isset($_GET['upgrade'])) {
 		try {
 			$_pdo->query("ALTER TABLE `".Constants::db_prefix."offer`
 				ADD `payment_key` VARCHAR(63) DEFAULT NULL;");
+
 			$_pdo->query("ALTER TABLE `".Constants::db_prefix."payment`
 				ADD `braintree_id` VARCHAR(36) DEFAULT NULL,
 				ADD `braintree_status` VARCHAR (63) NULL DEFAULT NULL;");
+
 			$_pdo->query("CREATE UNIQUE INDEX `payment_uniq_1` ON `".Constants::db_prefix."payment` (`offerId`);");
 		} catch (PDOException $e) {
 			echo "Altering the database structure failed with a PDOException ({$e->getCode()}): {$e->getMessage()}<br/>" . $e->getTraceAsString();
 		}
 	}
 
+	if (lower_version($_GET['upgrade'], '0.5.1')) {
+		try {
+			$_pdo->query("ALTER TABLE `".Constants::db_prefix."file`
+				ADD `secret_key` VARCHAR(63) DEFAULT NULL;");
+
+			$files = $_pdo->query("SELECT `id` FROM `".Constants::db_prefix."file` WHERE `secret_key` IS NULL;");
+			$stmt = $_pdo->prepare("UPDATE `".Constants::db_prefix."file` SET `secret_key`=? WHERE `id`=?");
+			foreach ($files->fetchAll(PDO::FETCH_ASSOC) as $file) {
+				$key = preg_replace('/[^\w]+/', '',
+					base64_encode(openssl_random_pseudo_bytes(45)));
+				$stmt->execute([$key, $file['id']]);
+			}
+		} catch (PDOException $e) {
+			echo "Altering the database structure failed with a PDOException ({$e->getCode()}): {$e->getMessage()}<br/>" . $e->getTraceAsString();
+		}
+	}
+
 	echo "<br/>All done.";
 }
 ?>