Issues in wrapOldPasswords.php - All Issues - Inspection of "Daily Inspection: Merge "Add GENDER support to pro..." - wikimedia/mediawiki - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Branch — master (939199)

unknown

created 2016-11-04 17:19 UTC

maintenance/wrapOldPasswords.php (1 issue)

Labels

Severity

Minor 1

Tyler Romeo 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * Maintenance script to wrap all old-style passwords in a layered type
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 * @ingroup Maintenance
 */
require_once __DIR__ . '/Maintenance.php';

/**
 * Maintenance script to wrap all passwords of a certain type in a specified layered
 * type that wraps around the old type.
 *
 * @since 1.24
 * @ingroup Maintenance
 */
class WrapOldPasswords extends Maintenance {
	public function __construct() {
		parent::__construct();
		$this->addDescription( 'Wrap all passwords of a certain type in a new layered type' );
		$this->addOption( 'type',
			'Password type to wrap passwords in (must inherit LayeredParameterizedPassword)', true, true );
		$this->addOption( 'verbose', 'Enables verbose output', false, false, 'v' );
		$this->setBatchSize( 100 );
	}

	public function execute() {
		global $wgAuth;

		if ( !$wgAuth->allowSetLocalPassword() ) {
			$this->error( '$wgAuth does not allow local passwords. Aborting.', true );
		}

		$passwordFactory = new PasswordFactory();
		$passwordFactory->init( RequestContext::getMain()->getConfig() );

		$typeInfo = $passwordFactory->getTypes();
		$layeredType = $this->getOption( 'type' );

		// Check that type exists and is a layered type
		if ( !isset( $typeInfo[$layeredType] ) ) {
			$this->error( 'Undefined password type', true );
		}

		$passObj = $passwordFactory->newFromType( $layeredType );
		if ( !$passObj instanceof LayeredParameterizedPassword ) {
			$this->error( 'Layered parameterized password type must be used.', true );
		}

		// Extract the first layer type
		$typeConfig = $typeInfo[$layeredType];
		$firstType = $typeConfig['types'][0];

		// Get a list of password types that are applicable
		$dbw = $this->getDB( DB_MASTER );
		$typeCond = 'user_password' . $dbw->buildLike( ":$firstType:", $dbw->anyString() );

		$minUserId = 0;
		do {
			$this->beginTransaction( $dbw, __METHOD__ );

			$res = $dbw->select( 'user',
				[ 'user_id', 'user_name', 'user_password' ],
				[
					'user_id > ' . $dbw->addQuotes( $minUserId ),
					$typeCond
				],
				__METHOD__,
				[
					'ORDER BY' => 'user_id',
					'LIMIT' => $this->mBatchSize,
					'LOCK IN SHARE MODE',
				]
			);

			/** @var User[] $updateUsers */
			$updateUsers = [];
			foreach ( $res as $row ) {
				if ( $this->hasOption( 'verbose' ) ) {
					$this->output( "Updating password for user {$row->user_name} ({$row->user_id}).\n" );
				}

				$user = User::newFromId( $row->user_id );
				/** @var ParameterizedPassword $password */
				$password = $passwordFactory->newFromCiphertext( $row->user_password );
				/** @var LayeredParameterizedPassword $layeredPassword */
				$layeredPassword = $passwordFactory->newFromType( $layeredType );
				$layeredPassword->partialCrypt( $password );

				$updateUsers[] = $user;
				$dbw->update( 'user',
					[ 'user_password' => $layeredPassword->toString() ],
					[ 'user_id' => $row->user_id ],
					__METHOD__
				);

				$minUserId = $row->user_id;
			}

			$this->commitTransaction( $dbw, __METHOD__ );

			// Clear memcached so old passwords are wiped out
			foreach ( $updateUsers as $user ) {
				$user->clearSharedCache();
			}
		} while ( $res->numRows() );
	}
}

$maintClass = "WrapOldPasswords";
require_once RUN_MAINTENANCE_IF_MAIN;


1		<?php
		0 ignored issues – show Coding Style Compatibility introduced 2016-02-23 18:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 32 and the first side effect is on line 23. The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file. The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place. To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1. Loading history...
2		/**
3		* Maintenance script to wrap all old-style passwords in a layered type
4		*
5		* This program is free software; you can redistribute it and/or modify
6		* it under the terms of the GNU General Public License as published by
7		* the Free Software Foundation; either version 2 of the License, or
8		* (at your option) any later version.
9		*
10		* This program is distributed in the hope that it will be useful,
11		* but WITHOUT ANY WARRANTY; without even the implied warranty of
12		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13		* GNU General Public License for more details.
14		*
15		* You should have received a copy of the GNU General Public License along
16		* with this program; if not, write to the Free Software Foundation, Inc.,
17		* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18		* http://www.gnu.org/copyleft/gpl.html
19		*
20		* @file
21		* @ingroup Maintenance
22		*/
23		require_once __DIR__ . '/Maintenance.php';
24
25		/**
26		* Maintenance script to wrap all passwords of a certain type in a specified layered
27		* type that wraps around the old type.
28		*
29		* @since 1.24
30		* @ingroup Maintenance
31		*/
32		class WrapOldPasswords extends Maintenance {
33	View Code Duplication	public function __construct() {
34		parent::__construct();
35		$this->addDescription( 'Wrap all passwords of a certain type in a new layered type' );
36		$this->addOption( 'type',
37		'Password type to wrap passwords in (must inherit LayeredParameterizedPassword)', true, true );
38		$this->addOption( 'verbose', 'Enables verbose output', false, false, 'v' );
39		$this->setBatchSize( 100 );
40		}
41
42		public function execute() {
43		global $wgAuth;
44
45		if ( !$wgAuth->allowSetLocalPassword() ) {
46		$this->error( '$wgAuth does not allow local passwords. Aborting.', true );
47		}
48
49		$passwordFactory = new PasswordFactory();
50		$passwordFactory->init( RequestContext::getMain()->getConfig() );
51
52		$typeInfo = $passwordFactory->getTypes();
53		$layeredType = $this->getOption( 'type' );
54
55		// Check that type exists and is a layered type
56		if ( !isset( $typeInfo[$layeredType] ) ) {
57		$this->error( 'Undefined password type', true );
58		}
59
60		$passObj = $passwordFactory->newFromType( $layeredType );
61		if ( !$passObj instanceof LayeredParameterizedPassword ) {
62		$this->error( 'Layered parameterized password type must be used.', true );
63		}
64
65		// Extract the first layer type
66		$typeConfig = $typeInfo[$layeredType];
67		$firstType = $typeConfig['types'][0];
68
69		// Get a list of password types that are applicable
70		$dbw = $this->getDB( DB_MASTER );
71		$typeCond = 'user_password' . $dbw->buildLike( ":$firstType:", $dbw->anyString() );
72
73		$minUserId = 0;
74		do {
75		$this->beginTransaction( $dbw, __METHOD__ );
76
77		$res = $dbw->select( 'user',
78		[ 'user_id', 'user_name', 'user_password' ],
79		[
80		'user_id > ' . $dbw->addQuotes( $minUserId ),
81		$typeCond
82		],
83		__METHOD__,
84		[
85		'ORDER BY' => 'user_id',
86		'LIMIT' => $this->mBatchSize,
87		'LOCK IN SHARE MODE',
88		]
89		);
90
91		/** @var User[] $updateUsers */
92		$updateUsers = [];
93		foreach ( $res as $row ) {
94		if ( $this->hasOption( 'verbose' ) ) {
95		$this->output( "Updating password for user {$row->user_name} ({$row->user_id}).\n" );
96		}
97
98		$user = User::newFromId( $row->user_id );
99		/** @var ParameterizedPassword $password */
100		$password = $passwordFactory->newFromCiphertext( $row->user_password );
101		/** @var LayeredParameterizedPassword $layeredPassword */
102		$layeredPassword = $passwordFactory->newFromType( $layeredType );
103		$layeredPassword->partialCrypt( $password );
104
105		$updateUsers[] = $user;
106		$dbw->update( 'user',
107		[ 'user_password' => $layeredPassword->toString() ],
108		[ 'user_id' => $row->user_id ],
109		__METHOD__
110		);
111
112		$minUserId = $row->user_id;
113		}
114
115		$this->commitTransaction( $dbw, __METHOD__ );
116
117		// Clear memcached so old passwords are wiped out
118		foreach ( $updateUsers as $user ) {
119		$user->clearSharedCache();
120		}
121		} while ( $res->numRows() );
122		}
123		}
124
125		$maintClass = "WrapOldPasswords";
126		require_once RUN_MAINTENANCE_IF_MAIN;
127

wikimedia / mediawiki

Branch — master (939199)

maintenance/wrapOldPasswords.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like