MantisBT - ATutor
View Issue Details
0003556ATutorUpgradingpublic2008-09-07 00:082008-11-14 08:22
IndieRect 
harris 
normalminorsometimes
closedfixed 
1.6.1 
1.6.2 
SVN
0003556: Repetitive table alterations during upgrade
If altering some tables on upgrade step 2 fails and user presses "Retry" then the upgrade script seems to repeat altering ALL tables, not only those that failed.

In 1.6.1pl1 it may cause an inability to log in:
I had to press the button several times, and, as a result, found passwords in the DB to be equal to sha1(sha1(sha1(sha1(password)))).

Suggestion:
If altering any tables on upgrade step 2 fails, the script should retry altering only those tables, not all.
No tags attached.
Issue History
2008-09-07 00:08IndieRectNew Issue
2008-09-07 00:08IndieRectAffects version => SVN
2008-09-08 07:56harrisNote Added: 0003166
2008-11-10 09:25harrisStatusnew => assigned
2008-11-10 09:25harrisAssigned To => harris
2008-11-10 09:28harrisStatusassigned => resolved
2008-11-10 09:28harrisFixed in Version => 1.6.2
2008-11-10 09:28harrisResolutionopen => fixed
2008-11-10 09:28harrisNote Added: 0003290
2008-11-14 08:22gregStatusresolved => closed

Notes
(0003166)
harris   
2008-09-08 07:56   
So this is what causes some failures on users log in.

Thanks for finding this out.
(0003290)
harris   
2008-11-10 09:28   
ustep2 runs through a series of sql statements through the .sql file. When a query failed and the user was asked to retry, all the .sql files will be run again and thus the repeated password encryption.

A quick fix to this is to run the encryption line iff the ||password|| < 40, because only then the pre161 non-SHA1 encrypted password will be converted. Given that the db password length was only 20.


8194