Skip to:
Content

bbPress.org


Ignore:
Timestamp:
03/08/2022 03:36:53 AM (3 years ago)
Author:
johnjamesjacoby
Message:

Converter: remove _bbp_class key on successful authentication.

This change cleans up the usermeta key that is used to determine if the relative user has a password from a converted platform that still needs to be rehashed.

Cleaning this up fixes a bug that would cause recurrent conversions from some platforms.

In trunk, for 2.7.0.

Props sirlouen. Fixes #3419.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/includes/admin/classes/class-bbp-converter-base.php

    r7006 r7244  
    10471047     * @param string $password
    10481048     */
    1049     public function callback_pass( $username, $password ) {
     1049    public function callback_pass( $username = '', $password = '' ) {
     1050
     1051        // Get user – Bail if not found
    10501052        $user = $this->get_row( $this->wpdb->prepare( "SELECT * FROM {$this->wpdb->users} WHERE user_login = %s AND user_pass = '' LIMIT 1", $username ) );
    1051         if ( ! empty( $user ) ) {
    1052             $usermeta = $this->get_row( $this->wpdb->prepare( "SELECT * FROM {$this->wpdb->usermeta} WHERE meta_key = %s AND user_id = %d LIMIT 1", '_bbp_password', $user->ID ) );
    1053 
    1054             if ( ! empty( $usermeta ) ) {
    1055                 if ( $this->authenticate_pass( $password, $usermeta->meta_value ) ) {
    1056                     $this->query( $this->wpdb->prepare( "UPDATE {$this->wpdb->users} SET user_pass = %s WHERE ID = %d", wp_hash_password( $password ), $user->ID ) );
    1057                     $this->query( $this->wpdb->prepare( "DELETE FROM {$this->wpdb->usermeta} WHERE meta_key = %s AND user_id = %d", '_bbp_password', $user->ID ) );
    1058 
    1059                     // Clean the cache for this user since their password was
    1060                     // upgraded from the old platform to the new.
    1061                     clean_user_cache( $user->ID );
    1062                 }
    1063             }
    1064         }
     1053        if ( empty( $user ) ) {
     1054            return;
     1055        }
     1056
     1057        // Get usermeta – Bail if not found
     1058        $usermeta = $this->get_row( $this->wpdb->prepare( "SELECT * FROM {$this->wpdb->usermeta} WHERE meta_key = %s AND user_id = %d LIMIT 1", '_bbp_password', $user->ID ) );
     1059        if ( empty( $usermeta ) ) {
     1060            return;
     1061        }
     1062
     1063        // Bail if auth fails
     1064        if ( ! $this->authenticate_pass( $password, $usermeta->meta_value ) ) {
     1065            return;
     1066        }
     1067
     1068        // Hash the password
     1069        $new_pass = wp_hash_password( $password );
     1070
     1071        // Update
     1072        $this->query( $this->wpdb->prepare( "UPDATE {$this->wpdb->users} SET user_pass = %s WHERE ID = %d", $new_pass, $user->ID ) );
     1073
     1074        // Clean up
     1075        unset( $new_pass );
     1076        $this->query( $this->wpdb->prepare( "DELETE FROM {$this->wpdb->usermeta} WHERE meta_key = %s AND user_id = %d", '_bbp_password', $user->ID ) );
     1077        $this->query( $this->wpdb->prepare( "DELETE FROM {$this->wpdb->usermeta} WHERE meta_key = %s AND user_id = %d", '_bbp_class',    $user->ID ) );
     1078
     1079        // Clean the cache for this user since their password was
     1080        // upgraded from the old platform to the new.
     1081        clean_user_cache( $user->ID );
    10651082    }
    10661083
Note: See TracChangeset for help on using the changeset viewer.