function set_password($new_pass = '', $old_pass = false)
{
if (!is_numeric($this->group_id)) {
$this->error = "Invalid group id";
return false;
}
if ($new_pass == '') {
$this->error = "password can not be empty";
return false;
}
// 1st check if this is group already has a password, or if this is a new pass
// if it already has a pass we need to check 1st of the old password is correct.
if ($this->has_password() === false) {
return false;
} elseif ($this->has_password() == 0) {
// New password, do nothing
} else {
// Change of existing pass, check old pass 1st
$priv_data_obj = new PrivateData();
if (!$priv_data_obj->verify_group_key($this->group_id, $old_pass)) {
$this->error = $priv_data_obj->get_error();
return false;
}
}
// We need to check if there is already data encrypted with this password.
// Or if this is this the first password for this group.
// If there is already data encrypted with this password it means we
// need to find these data entried, decrypt them with the old pass
// and then encrypt all of them with the new pass
// So let's start by checking if there are secret data entried for this
// group or not.
$query = "select secret_data_id FROM secret_data_groups\t\n\t\t\tWHERE aaa_groups_id = '{$this->group_id}'";
$result = mysql_query($query);
// Now Count number of rows that are encrypted for this group
// If more than 0, we need to update and need old pass (check for that)
// let's keep a record of the data_id's we need to update
$data_ids = array();
if (mysql_num_rows($result) > 0) {
// Check old pass
if ($old_pass == false) {
$this->error = "No old password provided, This group already has encrypted data";
return false;
}
while ($obj = mysql_fetch_object($result)) {
$data_ids[$obj->secret_data_id] = $obj->secret_data_id;
}
} else {
// No passwords yet
}
// now we have list of old encrypted entries.
// Let's start updating.
// we need a transaction for this.
// We need to update multiple tables, so we'll use a transaction with commit
mysql_query("BEGIN") or die("Error, start of transaction failed " . mysql_error());
$commit_ok = true;
$commit_log = '';
foreach ($data_ids as $data_id => $old_secret_data) {
if ($commit_ok == false) {
break;
}
unset($secret);
$secret = new PrivateData($data_id);
if ($secret->update_private_data($new_pass, $old_pass)) {
// Good
} else {
$commit_ok = false;
$commit_log = $secret->get_error();
}
}
$verifcation_string = false;
$verifcation_string = PrivateData::VERIFICATION_STRING;
if ($verifcation_string == false) {
$commit_log = "Unable to retrieve verification string";
$commit_ok = false;
}
if ($commit_ok) {
$query = "Update AAA_groups \n\t\t\t\tSET verification_string_encr = aes_encrypt('{$verifcation_string}','{$new_pass}')\n\t\t\t\tWHERE group_id = '{$this->group_id}' ";
$result = mysql_query($query);
if (!$result) {
$commit_ok = false;
$commit_log = mysql_error() . "query was {$query}";
}
}
// Now of all went ok we commit
if ($commit_ok == true) {
$result = mysql_query("COMMIT");
if ($result) {
// Good
return true;
} else {
$this->error = "Failed to Commit: " . mysql_error();
return false;
}
} else {
mysql_query("ROLLBACK") or die("Error, Rollback failed " . mysql_error());
$this->error = "Failed, doing rollback. {$commit_log}";
return false;
}
}