
Changed cookies, deleted o_database_revision

Visman 8 年之前
父節點
當前提交
ec1e6af2b0
共有 4 個文件被更改,包括 19 次插入35 次删除
  1. 18 23
      app/Core/Cookie/UserCookie.php
  2. 0 1
      app/Core/Install.php
  3. 1 10
      db_update.php
  4. 0 1
      include/common.php

+ 18 - 23
app/Core/Cookie/UserCookie.php

@@ -5,6 +5,8 @@ namespace ForkBB\Core\Cookie;
 class UserCookie
 {
     const NAME = 'user';
+    const KEY1 = 'key1';
+    const KEY2 = 'key2';
 
     /**
      * @var Secury
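Review bot: `KEY1` and `KEY2` have no comment, and the names no longer say which MAC each one serves, unlike the `'cookie'` and `'password'` literals they replace in the later hunks. Secury::hmac() is not visible here, so I am assuming its second argument is a purpose label combined with a server-side secret rather than the key itself. If that holds, a comment such as `// HMAC purpose label for the whole-cookie signature, not a secret` on `KEY1`, and a matching one on `KEY2` for the password-hash binding, would stop a reader from treating these as key material. If the argument is the actual key, it should not be a constant in source. The class body continues outside the hunk.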
@@ -78,28 +80,22 @@ class UserCookie
         $ckUser = $this->cookie->get(self::NAME);
 
         if (null === $ckUser
-            || ! preg_match('%^([\+\-])(\d{1,10})\-(\d{10})\-([a-f\d]{32,})\-([a-f\d]{32,})$%Di', $ckUser, $matches)
+            || ! preg_match('%^(\-)?(\d{1,10})_(\d{10})_([a-f\d]{32,})_([a-f\d]{32,})$%Di', $ckUser, $ms)
         ) {
             return;
         }
 
-        $remember = $matches[1] === '+';
-        $uId = (int) $matches[2];
-        $expTime = (int) $matches[3];
-        $passHash = $matches[4];
-        $ckHash = $matches[5];
-
-        if ($uId < 2
-            || $expTime < time()
-            || ! hash_equals($this->secury->hmac($uId . $expTime . $passHash, 'cookie'), $ckHash)
+        if (2 > $ms[2]
+            || time() > $ms[3]
+            || ! hash_equals($this->secury->hmac($ms[1] . $ms[2] . $ms[3] . $ms[4], self::KEY1), $ms[5])
         ) {
             return;
         }
 
-        $this->remember = $remember;
-        $this->uId = $uId;
-        $this->expTime = $expTime;
-        $this->passHash = $passHash;
+        $this->remember = empty($ms[1]);
+        $this->uId      = (int) $ms[2];
+        $this->expTime  = (int) $ms[3];
+        $this->passHash = $ms[4];
     }
 
     /**
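Review bot: The HMAC input `$ms[1] . $ms[2] . $ms[3] . $ms[4]` joins the fields without the `_` separators, while the regex allows an id of 1 to 10 digits and a password hash of any length from 32 hex characters up, so the signed string does not fix where one field ends and the next begins. Digits can shift between the id, expiry and hash fields and still give the same MAC input; verifyHash() would probably reject the result later, but the signature check should not depend on that. Signing the delimited form closes it: `hash_equals($this->secury->hmac($ms[1] . $ms[2] . '_' . $ms[3] . '_' . $ms[4], self::KEY1), $ms[5])`, with the same change on the `$ckHash` line in the setter hunk (`@@ -144,22 +139,22 @@`). Pinning the two hash groups to the exact HMAC length instead of `{32,}` would help as well. The method starts above this hunk.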
@@ -122,9 +118,8 @@ class UserCookie
      */
     public function verifyHash($id, $hash)
     {
-        return (int) $id === $this->uId
-               && hash_equals($this->passHash, $this->secury->hmac($hash . $this->expTime, 'password'));
-
+        return $this->uId === (int) $id
+               && hash_equals($this->passHash, $this->secury->hmac($hash . $this->expTime, self::KEY2));
     }
 
     /**
@@ -144,22 +139,22 @@ class UserCookie
 
         if ($remember
             || (null === $remember
-                && (int) $id === $this->uId
+                && $this->uId === (int) $id
                 && $this->remember
             )
         ) {
             $expTime = time() + $this->timeMax;
             $expire = $expTime;
-            $prefix = '+';
+            $pfx = '';
         } else {
             $expTime = time() + $this->timeMin;
             $expire = 0;
-            $prefix = '-';
+            $pfx = '-';
         }
-        $passHash = $this->secury->hmac($hash . $expTime, 'password');
-        $ckHash = $this->secury->hmac($id . $expTime . $passHash, 'cookie');
+        $passHash = $this->secury->hmac($hash . $expTime, self::KEY2);
+        $ckHash = $this->secury->hmac($pfx . $id . $expTime . $passHash, self::KEY1);
 
-        return $this->cookie->set(self::NAME, $prefix . $id . '-' . $expTime . '-' . $passHash . '-' . $ckHash, $expire);
+        return $this->cookie->set(self::NAME, $pfx . $id . '_' . $expTime . '_' . $passHash . '_' . $ckHash, $expire);
     }
 
     /**
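Review bot: `$id` is cast with `(int)` for the comparison against `$this->uId` but is concatenated uncast into both the `$ckHash` input and the cookie value. If a caller passes anything that is not already a canonical integer (the callers are not visible here), the cookie written may fail the `\d{1,10}` group on read-back or carry a different id than the one compared. Normalising once with `$id = (int) $id;` before the `if` keeps the three uses in agreement. The method's signature is outside the hunk.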

+ 0 - 1
app/Core/Install.php

@@ -1905,7 +1905,6 @@ foreach ($styles as $temp)
             $pun_config = array(
                 's_fork_version'          => FORK_VERSION,
                 'i_fork_revision'         => FORK_REVISION,
-                'o_database_revision'     => FORK_DB_REVISION,
                 'o_searchindex_revision'  => FORK_SI_REVISION,
                 'o_parser_revision'       => FORK_PARSER_REVISION,
                 'o_board_title'           => $title,

+ 1 - 10
db_update.php

@@ -9,7 +9,6 @@
 // The FluxBB version this script updates to
 define('UPDATE_TO', '0.0.0');
 define('UPDATE_TO_VER_REVISION', 1);
-define('UPDATE_TO_DB_REVISION', 21);
 define('UPDATE_TO_SI_REVISION', 2.1);
 define('UPDATE_TO_PARSER_REVISION', 2);
 
@@ -663,17 +662,12 @@ switch ($stage)
 
             $db->query('DELETE FROM '.$db->prefix.'config WHERE conf_name=\'o_cur_version\'') or error('Unable to delete config value \'o_cur_version\'', __FILE__, __LINE__, $db->error());
             $db->query('DELETE FROM '.$db->prefix.'config WHERE conf_name=\'o_cur_ver_revision\'') or error('Unable to delete config value \'o_cur_ver_revision\'', __FILE__, __LINE__, $db->error());
+            $db->query('DELETE FROM '.$db->prefix.'config WHERE conf_name=\'o_database_revision\'') or error('Unable to delete config value \'o_database_revision\'', __FILE__, __LINE__, $db->error());
             $db->query('DELETE FROM '.$db->prefix.'config WHERE conf_name=\'o_base_url\'') or error('Unable to delete config value \'o_base_url\'', __FILE__, __LINE__, $db->error());
 
             $db->alter_field('users', 'password', 'VARCHAR(255)', false, '') or error('Unable to alter password field', __FILE__, __LINE__, $db->error());
 
         }
-
-
-		// If we don't need to update the database, skip this stage
-		if (isset($pun_config['o_database_revision']) && $pun_config['o_database_revision'] >= UPDATE_TO_DB_REVISION)
-			break;
-
 		break;
 
 
@@ -1332,9 +1326,6 @@ foreach ($errors[$id] as $cur_error)
 		// Обновляем номер сборки - Visman
 		$db->query('UPDATE '.$db->prefix.'config SET conf_value = \''.UPDATE_TO_VER_REVISION.'\' WHERE conf_name = \'i_fork_revision\'') or error('Unable to update revision', __FILE__, __LINE__, $db->error());
 
-		// And the database revision number
-		$db->query('UPDATE '.$db->prefix.'config SET conf_value = \''.UPDATE_TO_DB_REVISION.'\' WHERE conf_name = \'o_database_revision\'') or error('Unable to update database revision number', __FILE__, __LINE__, $db->error());
-
 		// And the search index revision number
 		$db->query('UPDATE '.$db->prefix.'config SET conf_value = \''.UPDATE_TO_SI_REVISION.'\' WHERE conf_name = \'o_searchindex_revision\'') or error('Unable to update search index revision number', __FILE__, __LINE__, $db->error());
 

+ 0 - 1
include/common.php

@@ -12,7 +12,6 @@ if (!defined('PUN_ROOT'))
 // Define the version and database revision that this code was written for
 define('FORK_VERSION', '0.0.0');
 define('FORK_REVISION', 1);
-define('FORK_DB_REVISION', 21);
 define('FORK_SI_REVISION', 2.1);
 define('FORK_PARSER_REVISION', 2);