From 2bfd9f9d87cee6a7b9ed0739cf12d1350b47f0fe Mon Sep 17 00:00:00 2001
From: Hypolite Petovan <mrpetovan@gmail.com>
Date: Sat, 20 Jan 2018 22:37:13 -0500
Subject: [PATCH] Add database update function to use new hashes

---
 update.php | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/update.php b/update.php
index 3cfc39e192..00b8d890ec 100644
--- a/update.php
+++ b/update.php
@@ -5,8 +5,7 @@ use Friendica\Core\Config;
 use Friendica\Core\PConfig;
 use Friendica\Core\Worker;
 use Friendica\Database\DBM;
-use Friendica\Model\Photo;
-use Friendica\Object\Image;
+use Friendica\Model\User;
 
 /**
  *
@@ -146,3 +145,19 @@ function update_1203() {
 	$r = q("UPDATE `user` SET `account-type` = %d WHERE `page-flags` IN (%d, %d)",
 		dbesc(ACCOUNT_TYPE_COMMUNITY), dbesc(PAGE_COMMUNITY), dbesc(PAGE_PRVGROUP));
 }
+
+function update_1244() {
+	// Sets legacy_password for all legacy hashes
+	dba::update('user', ['legacy_password' => true], ['SUBSTR(password, 1, 4) != "$2y$"']);
+
+	// All legacy hashes are re-hashed using the new secure hashing function
+	$stmt = dba::select('user', ['uid', 'password'], ['legacy_password' => true]);
+	while($user = dba::fetch($stmt)) {
+		dba::update('user', ['password' => User::hashPassword($user['password'])], ['uid' => $user['uid']]);
+	}
+
+	// Logged in users are forcibly logged out
+	dba::delete('session', ['1 = 1']);
+
+	return UPDATE_SUCCESS;
+}