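/**
 * Switch the crypto lib to defuse/php-encryption.
 *
 * Generates a new random key, re-encrypts the smtp_password and stamppass
 * config values with it (after decrypting them with LegacyCrypto), then
 * rewrites config.php so that SECRET_KEY holds the new key, hex encoded.
 *
 * @throws Exception if config.php is not writable, if update_config() fails,
 *                   or if the new config file cannot be written
 */
private function schema5()
{
    // Check and write the same absolute path; the write must not depend on the
    // current working directory of whatever script triggers the update.
    $config_path = ELAB_ROOT . 'config.php';

    if (!is_writable($config_path)) {
        throw new Exception('Please make your config file writable by server for this update.');
    }

    $legacy = new \Elabftw\Elabftw\LegacyCrypto();

    // our new key (raw binary string)
    try {
        $new_secret_key = Crypto::CreateNewRandomKey();
    } catch (Exception $e) {
        die($e->getMessage());
    }

    $new_smtp_password = '';
    $new_stamp_password = '';

    // Empty values stay empty: only re-encrypt a password that is actually set.
    $stored_smtp_password = get_config('smtp_password');
    if (strlen($stored_smtp_password) > 0) {
        $old_smtp_password = $legacy->decrypt($stored_smtp_password);
        $new_smtp_password = Crypto::binToHex(Crypto::encrypt($old_smtp_password, $new_secret_key));
    }

    $stored_stamp_password = get_config('stamppass');
    if (strlen($stored_stamp_password) > 0) {
        $old_stamp_password = $legacy->decrypt($stored_stamp_password);
        $new_stamp_password = Crypto::binToHex(Crypto::encrypt($old_stamp_password, $new_secret_key));
    }

    // NOTE(review): the re-encrypted values are stored before the new key is
    // persisted. If the file write below fails, the key exists only in this
    // request, so the failure must be detected and reported reliably.
    $updates = array('smtp_password' => $new_smtp_password, 'stamppass' => $new_stamp_password);
    if (!update_config($updates)) {
        throw new Exception('Error updating config with new passwords!');
    }

    // we will rewrite the config file with the new key
    $settings = array(
        'DB_HOST' => DB_HOST,
        'DB_NAME' => DB_NAME,
        'DB_USER' => DB_USER,
        'DB_PASSWORD' => DB_PASSWORD,
        'ELAB_ROOT' => ELAB_ROOT,
        'SECRET_KEY' => Crypto::binToHex($new_secret_key),
    );

    $contents = "<?php\n";
    foreach ($settings as $name => $value) {
        // var_export() emits a correctly escaped single-quoted PHP literal, so a
        // quote or backslash in a value (e.g. the database password or a Windows
        // path) cannot break out of the string and corrupt the generated file.
        $contents .= "define('" . $name . "', " . var_export((string) $value, true) . ");\n";
    }

    // file_put_contents() returns the byte count or boolean false; comparing
    // against the string 'false' never detected a failed write.
    if (file_put_contents($config_path, $contents) === false) {
        throw new Exception('There was a problem writing the file!');
    }

    // NOTE(review): config.php now holds SECRET_KEY and had to be writable by
    // the server for this update; consider restoring restrictive permissions
    // on it once the update has completed.
}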
} catch (Exception $e) { die('Error : ' . $e->getMessage()); } // now import the structure try { import_sql_structure(); } catch (Exception $e) { die('Error importing the SQL structure: ' . $e->getMessage()); } // BUILD CONFIG FILE // the new file to write to $config_file = '../config.php'; $elab_root = substr(realpath(__FILE__), 0, -20) . '/'; // make a new secret key try { $new_secret_key = \Defuse\Crypto\Crypto::CreateNewRandomKey(); } catch (Exception $e) { die($e->getMessage()); } // what we will write in the file $config = "<?php\ndefine('DB_HOST', '" . $db_host . "');\ndefine('DB_NAME', '" . $db_name . "');\ndefine('DB_USER', '" . $db_user . "');\ndefine('DB_PASSWORD', '" . $db_password . "');\ndefine('ELAB_ROOT', '" . $elab_root . "');\ndefine('SECRET_KEY', '" . \Defuse\Crypto\Crypto::binToHex($new_secret_key) . "');\n"; // we try to write content to file and propose the file for download if we can't write to it if (file_put_contents($config_file, $config)) { // it's cool, we managed to write the config file // let's put restricting permissions on it as discussed in #129 if (is_writable($config_file)) { chmod($config_file, 0400); } $infos_arr = array(); $infos_arr[] = 'Congratulations, you successfully installed eLabFTW, now you need to <strong>register</strong> your account (you will have admin rights).';