Ejemplo n.º 1
0
 function set_password($new_pass = '', $old_pass = false)
 {
     if (!is_numeric($this->group_id)) {
         $this->error = "Invalid group id";
         return false;
     }
     if ($new_pass == '') {
         $this->error = "password can not be empty";
         return false;
     }
     // 1st check if this is group already has a password, or if this is a new pass
     // if it already has a pass we need to check 1st of the old password is correct.
     if ($this->has_password() === false) {
         return false;
     } elseif ($this->has_password() == 0) {
         // New password, do nothing
     } else {
         // Change of existing pass, check old pass 1st
         $priv_data_obj = new PrivateData();
         if (!$priv_data_obj->verify_group_key($this->group_id, $old_pass)) {
             $this->error = $priv_data_obj->get_error();
             return false;
         }
     }
     // We need to check if there is already data encrypted with this password.
     // Or if this is this the first password for this group.
     // If there is already data encrypted with this password it means we
     // need to find these data entried, decrypt them with the old pass
     // and then encrypt all of them with the new pass
     // So let's start by checking if there are secret data entried for this
     // group or not.
     $query = "select secret_data_id FROM secret_data_groups\t\n\t\t\tWHERE aaa_groups_id = '{$this->group_id}'";
     $result = mysql_query($query);
     // Now Count number of rows that are encrypted for this group
     // If more than 0, we need to update and need old pass (check for that)
     // let's keep a record of the data_id's we need to update
     $data_ids = array();
     if (mysql_num_rows($result) > 0) {
         // Check old pass
         if ($old_pass == false) {
             $this->error = "No old password provided, This group already has encrypted data";
             return false;
         }
         while ($obj = mysql_fetch_object($result)) {
             $data_ids[$obj->secret_data_id] = $obj->secret_data_id;
         }
     } else {
         // No passwords yet
     }
     // now we have list of old encrypted entries.
     // Let's start updating.
     // we need a transaction for this.
     // We need to update multiple tables, so we'll use a transaction with commit
     mysql_query("BEGIN") or die("Error, start of transaction failed " . mysql_error());
     $commit_ok = true;
     $commit_log = '';
     foreach ($data_ids as $data_id => $old_secret_data) {
         if ($commit_ok == false) {
             break;
         }
         unset($secret);
         $secret = new PrivateData($data_id);
         if ($secret->update_private_data($new_pass, $old_pass)) {
             // Good
         } else {
             $commit_ok = false;
             $commit_log = $secret->get_error();
         }
     }
     $verifcation_string = false;
     $verifcation_string = PrivateData::VERIFICATION_STRING;
     if ($verifcation_string == false) {
         $commit_log = "Unable to retrieve verification string";
         $commit_ok = false;
     }
     if ($commit_ok) {
         $query = "Update AAA_groups \n\t\t\t\tSET verification_string_encr = aes_encrypt('{$verifcation_string}','{$new_pass}')\n\t\t\t\tWHERE group_id = '{$this->group_id}' ";
         $result = mysql_query($query);
         if (!$result) {
             $commit_ok = false;
             $commit_log = mysql_error() . "query was {$query}";
         }
     }
     // Now of all went ok we commit
     if ($commit_ok == true) {
         $result = mysql_query("COMMIT");
         if ($result) {
             // Good
             return true;
         } else {
             $this->error = "Failed to Commit: " . mysql_error();
             return false;
         }
     } else {
         mysql_query("ROLLBACK") or die("Error, Rollback failed " . mysql_error());
         $this->error = "Failed, doing rollback. {$commit_log}";
         return false;
     }
 }