From 14f6017a5b84d70320bde9d6e074ea8ac948a85e Mon Sep 17 00:00:00 2001
From: Arun Persaud <arun@nubati.net>
Date: Sat, 22 Sep 2012 12:38:58 -0700
Subject: updated to better password hash: use crypt instead of md5

the upgrade will be done automatically when a user logs in, password recovery is still based
on md5, but that should be OK, since it's a random generated password anyway
---
 update_db.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'update_db.php')

diff --git a/update_db.php b/update_db.php
index edb01f9..323d914 100644
--- a/update_db.php
+++ b/update_db.php
@@ -38,7 +38,7 @@ if(isset($_SERVER['REMOTE_ADDR']))
   exit();
 
 $old_version = DB_get_version();
-$current_version = 4;
+$current_version = 5;
 
 if($old_version < $current_version)
   echo "Will upgrade your database now:\n";
@@ -81,6 +81,10 @@ switch($old_version)
 	     " ADD COLUMN `type` enum('misc','your_turn') NOT NULL default 'misc' AFTER create_date");
     DB_query("UPDATE Version set version=4");
     echo "Upgraded to version 4.\n";
+  case 4:
+    DB_query("ALTER TABLE User MODIFY password varchar(64)");
+    DB_query("UPDATE Version set version=5");
+    echo "Upgraded to version 5.\n";
 
   }
 
-- 
cgit v1.2.3-18-g5258