}
if (!$table_is_here) {
$pdo->q("CREATE TABLE IF NOT EXISTS `items_revisions` (\n `id` int(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,\n `item_id` int(10) unsigned NOT NULL,\n `body` text NOT NULL,\n `savedate` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n `userid` int(11) NOT NULL\n ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;");
}
// 20150324 : adding secret key used to encrypt the SMTP password
// first we check if we can write the config file
if (!is_writable('config.php')) {
// check that there is no secret key already
if (!defined('SECRET_KEY')) {
$msg_arr[] = "[ERROR] Please allow webserver to write config file, or add SECRET_KEY yourself to config.php. <a href='doc/_build/html/common-errors.html#add-the-secret-key'>Link to documentation</a>";
$_SESSION['errors'] = $msg_arr;
header('Location: sysconfig.php');
exit;
}
} elseif (is_writable('config.php') && !defined('SECRET_KEY')) {
$crypto = new \Elabftw\Elabftw\LegacyCrypto();
// add generated strings to config file
// the IV is stored in hex
$data_to_add = "\ndefine('SECRET_KEY', '" . $crypto->secretKey . "');\ndefine('IV', '" . bin2hex($crypto->iv) . "');\n";
try {
file_put_contents('config.php', $data_to_add, FILE_APPEND);
} catch (Exception $e) {
$msg_arr[] = "[ERROR] " . $e->getMessage();
$_SESSION['errors'] = $msg_arr;
header('Location: sysconfig.php');
exit;
}
// ok so now we have a secret key, an IV and we want to convert our old cleartext SMTP password to an encrypted one
$config_arr = array();
// if there is a password in cleartext in the database, we encrypt it
if (strlen(get_config('smtp_password')) > 0) {
/**
* Switch the crypto lib to defuse/php-encryption
*
* @throws Exception
*/
private function schema5()
{
if (!is_writable(ELAB_ROOT . 'config.php')) {
throw new Exception('Please make your config file writable by server for this update.');
}
$legacy = new \Elabftw\Elabftw\LegacyCrypto();
// our new key (raw binary string)
try {
$new_secret_key = Crypto::CreateNewRandomKey();
} catch (Exception $e) {
die($e->getMessage());
}
$new_smtp_password = '';
$new_stamp_password = '';
if (strlen(get_config('smtp_password')) > 0) {
$old_smtp_password = $legacy->decrypt(get_config('smtp_password'));
$new_smtp_password = Crypto::binTohex(Crypto::encrypt($old_smtp_password, $new_secret_key));
}
if (strlen(get_config('stamppass')) > 0) {
// get the old passwords
$old_stamp_password = $legacy->decrypt(get_config('stamppass'));
$new_stamp_password = Crypto::binTohex(Crypto::encrypt($old_stamp_password, $new_secret_key));
}
$updates = array('smtp_password' => $new_smtp_password, 'stamppass' => $new_stamp_password);
if (!update_config($updates)) {
throw new Exception('Error updating config with new passwords!');
}
// we will rewrite the config file with the new key
$contents = "<?php\ndefine('DB_HOST', '" . DB_HOST . "');\ndefine('DB_NAME', '" . DB_NAME . "');\ndefine('DB_USER', '" . DB_USER . "');\ndefine('DB_PASSWORD', '" . DB_PASSWORD . "');\ndefine('ELAB_ROOT', '" . ELAB_ROOT . "');\ndefine('SECRET_KEY', '" . Crypto::binTohex($new_secret_key) . "');\n";
if (file_put_contents('config.php', $contents) == 'false') {
throw new Exception('There was a problem writing the file!');
}
}
