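/**
 * Set or change the password that protects this group's encrypted data.
 *
 * If the group already has a password, $old_pass is first checked with
 * PrivateData::verify_group_key(). Every secret_data entry linked to the
 * group is then re-encrypted from $old_pass to $new_pass, and the group's
 * encrypted verification string is rewritten with the new password. All
 * writes are issued between BEGIN and COMMIT, with ROLLBACK on any failure.
 *
 * @param string      $new_pass New group password; must not be empty.
 * @param string|bool $old_pass Current password; needed when the group already
 *                              has a password or already has encrypted data.
 *
 * @return bool True when everything was committed; false otherwise, with the
 *              reason stored in $this->error.
 */
function set_password($new_pass = '', $old_pass = false)
{
    if (!is_numeric($this->group_id)) {
        $this->error = "Invalid group id";
        return false;
    }
    if ($new_pass == '') {
        $this->error = "password can not be empty";
        return false;
    }

    // Ask once whether the group already has a password: false means the
    // lookup itself failed, a value equal to 0 means no password is set yet.
    $has_password = $this->has_password();
    if ($has_password === false) {
        return false;
    }
    if ($has_password != 0) {
        // Changing an existing password: the caller must prove knowledge of it.
        $priv_data_obj = new PrivateData();
        if (!$priv_data_obj->verify_group_key($this->group_id, $old_pass)) {
            $this->error = $priv_data_obj->get_error();
            return false;
        }
    }

    // Find the entries already encrypted for this group; each of them has to
    // be decrypted with the old password and re-encrypted with the new one.
    // group_id was checked with is_numeric() above, so it cannot break out of
    // the quoted literal.
    $query = "select secret_data_id FROM secret_data_groups WHERE aaa_groups_id = '{$this->group_id}'";
    $result = mysql_query($query);
    if ($result === false) {
        // Fail closed: treating a failed lookup as "no encrypted data" would
        // change the group password while existing entries stay encrypted
        // under the old one.
        $this->error = "Unable to look up encrypted data for this group: " . mysql_error();
        return false;
    }

    $data_ids = array();
    if (mysql_num_rows($result) > 0) {
        // NOTE(review): the loose comparison also treats '' and '0' as
        // "no old password provided" - confirm that is intended.
        if ($old_pass == false) {
            $this->error = "No old password provided, This group already has encrypted data";
            return false;
        }
        while ($row = mysql_fetch_object($result)) {
            $data_ids[$row->secret_data_id] = $row->secret_data_id;
        }
    }

    // Several tables are updated, so the work is wrapped in a transaction.
    // Failures are reported through $this->error instead of die(), which would
    // print the database error to the client and stop the script.
    if (!mysql_query("BEGIN")) {
        $this->error = "Error, start of transaction failed " . mysql_error();
        return false;
    }

    $commit_ok = true;
    $commit_log = '';

    foreach ($data_ids as $data_id) {
        $secret = new PrivateData($data_id);
        if (!$secret->update_private_data($new_pass, $old_pass)) {
            // Stop at the first entry that cannot be re-encrypted.
            $commit_ok = false;
            $commit_log = $secret->get_error();
            break;
        }
    }

    $verification_string = PrivateData::VERIFICATION_STRING;
    if ($verification_string == false) {
        $commit_log = "Unable to retrieve verification string";
        $commit_ok = false;
    }

    if ($commit_ok) {
        // The password is caller-supplied text: escape it before placing it in
        // the statement so quotes in it cannot alter the query.
        // NOTE(review): aes_encrypt() runs on the server, so the password is
        // sent inside the statement text and can end up wherever statements
        // are logged - confirm the server's logging settings.
        $new_pass_sql = mysql_real_escape_string((string) $new_pass);
        $verification_sql = mysql_real_escape_string((string) $verification_string);
        $query = "Update AAA_groups"
            . " SET verification_string_encr = aes_encrypt('{$verification_sql}','{$new_pass_sql}')"
            . " WHERE group_id = '{$this->group_id}'";
        if (!mysql_query($query)) {
            $commit_ok = false;
            // Keep the statement out of the error text: it contains the new
            // password in clear.
            $commit_log = mysql_error();
        }
    }

    if (!$commit_ok) {
        if (!mysql_query("ROLLBACK")) {
            $this->error = "Error, Rollback failed " . mysql_error();
            return false;
        }
        $this->error = "Failed, doing rollback. {$commit_log}";
        return false;
    }

    if (!mysql_query("COMMIT")) {
        $this->error = "Failed to Commit: " . mysql_error();
        return false;
    }

    return true;
}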