Coding style (new password hash code)

qa-include/db/install.php

@@ -1460,13 +1460,13 @@
 
 					break;
 
-			//	Up to here: Version 1.8 alpha
-
 				case 62:
+					// add column to qa_users to handle new bcrypt passwords
 					qa_db_upgrade_query('ALTER TABLE ^users ADD COLUMN passhash '.$definitions['users']['passhash'].' AFTER passcheck');
 					qa_db_upgrade_query($locktablesquery);
 					break;
 
+			//	Up to here: Version 1.8 alpha
 			}
 
 			qa_db_set_db_version($newversion);

qa-include/db/users.php

@@ -44,14 +44,14 @@
 	{
 		require_once QA_INCLUDE_DIR.'util/string.php';
 
-		if(!qa_php_version_below('5.3.7')){
+		if (!qa_php_version_below('5.3.7')) {
 			qa_db_query_sub(
 				'INSERT INTO ^users (created, createip, email, passhash, level, handle, loggedin, loginip) '.
 				'VALUES (NOW(), COALESCE(INET_ATON($), 0), $, $, #, $, NOW(), COALESCE(INET_ATON($), 0))',
 				$ip, $email, isset($password) ? password_hash($password, PASSWORD_BCRYPT) : null, (int)$level, $handle, $ip
 			);
 		} else {
-			$salt=isset($password) ? qa_random_alphanum(16) : null;
+			$salt = isset($password) ? qa_random_alphanum(16) : null;
 
 			qa_db_query_sub(
 				'INSERT INTO ^users (created, createip, email, passsalt, passcheck, level, handle, loggedin, loginip) '.
@@ -163,13 +163,13 @@
 
 		require_once QA_INCLUDE_DIR.'util/string.php';
 
-		if(!qa_php_version_below('5.3.7')){
+		if (!qa_php_version_below('5.3.7')) {
 			qa_db_query_sub(
 				'UPDATE ^users SET passhash=$, passsalt=NULL, passcheck=NULL WHERE userid=$',
 				password_hash($password, PASSWORD_BCRYPT), $userid
 			);
 		} else {
-			$salt=qa_random_alphanum(16);
+			$salt = qa_random_alphanum(16);
 
 			qa_db_query_sub(
 				'UPDATE ^users SET passsalt=$, passcheck=UNHEX($) WHERE userid=$',

qa-include/pages/account.php

@@ -37,7 +37,7 @@
 	if (QA_FINAL_EXTERNAL_USERS)
 		qa_fatal_error('User accounts are handled by external code');
 
-	$userid=qa_get_logged_in_userid();
+	$userid = qa_get_logged_in_userid();
 
 	if (!isset($userid))
 		qa_redirect('login');
@@ -52,14 +52,15 @@
 		qa_db_userfields_selectspec()
 	);
 
-	$changehandle=qa_opt('allow_change_usernames') || ((!$userpoints['qposts']) && (!$userpoints['aposts']) && (!$userpoints['cposts']));
-	$doconfirms=qa_opt('confirm_user_emails') && ($useraccount['level']<QA_USER_LEVEL_EXPERT);
-	$isconfirmed=($useraccount['flags'] & QA_USER_FLAGS_EMAIL_CONFIRMED) ? true : false;
-	if(!qa_php_version_below('5.3.7')){
-		$haspasswordold=isset($useraccount['passsalt']) && isset($useraccount['passcheck']);
-		$haspassword=isset($useraccount['passhash']);
+	$changehandle = qa_opt('allow_change_usernames') || (!$userpoints['qposts'] && !$userpoints['aposts'] && !$userpoints['cposts']);
+	$doconfirms = qa_opt('confirm_user_emails') && $useraccount['level'] < QA_USER_LEVEL_EXPERT;
+	$isconfirmed = ($useraccount['flags'] & QA_USER_FLAGS_EMAIL_CONFIRMED) ? true : false;
+
+	if (!qa_php_version_below('5.3.7')) {
+		$haspasswordold = isset($useraccount['passsalt']) && isset($useraccount['passcheck']);
+		$haspassword = isset($useraccount['passhash']);
 	} else {
-		$haspassword=isset($useraccount['passsalt']) && isset($useraccount['passcheck']);
+		$haspassword = isset($useraccount['passsalt']) && isset($useraccount['passcheck']);
 	}
 	$permit_error = qa_user_permit_error();
 	$isblocked = $permit_error !== false;
@@ -210,16 +211,18 @@
 			else {
 				$errors = array();
 
-				if(!qa_php_version_below('5.3.7')){
+				if (!qa_php_version_below('5.3.7')) {
 					if (
 						($haspasswordold && (strtolower(qa_db_calc_passcheck($inoldpassword, $useraccount['passsalt'])) != strtolower($useraccount['passcheck']))) ||
 						(!$haspasswordold && $haspassword && !password_verify($inoldpassword,$useraccount['passhash']))
-					)
+					) {
 						$errors['oldpassword'] = qa_lang('users/password_wrong');
+					}
 				} else {
-					if ($haspassword && (strtolower(qa_db_calc_passcheck($inoldpassword, $useraccount['passsalt'])) != strtolower($useraccount['passcheck'])))
+					if ($haspassword && (strtolower(qa_db_calc_passcheck($inoldpassword, $useraccount['passsalt'])) != strtolower($useraccount['passcheck']))) {
 						$errors['oldpassword'] = qa_lang('users/password_wrong');
 					}
+				}
 
 				$useraccount['password'] = $inoldpassword;
 				$errors = $errors + qa_password_validate($innewpassword1, $useraccount); // array union

qa-include/pages/login.php

@@ -68,18 +68,21 @@
 					$inuserid=$matchusers[0];
 					$userinfo=qa_db_select_with_pending(qa_db_user_account_selectspec($inuserid, true));
 
-					if(!qa_php_version_below('5.3.7')){
+					if (!qa_php_version_below('5.3.7')) {
 						$haspassword=isset($userinfo['passhash']);
 						$haspasswordold=isset($userinfo['passsalt']) && isset($userinfo['passcheck']);
 
 						if (
 							($haspasswordold && strtolower(qa_db_calc_passcheck($inpassword, $userinfo['passsalt'])) == strtolower($userinfo['passcheck'])) ||
 							($haspassword && password_verify($inpassword,$userinfo['passhash']))
-						){ // login and redirect
-	
+						) {
+							// login and redirect
 							require_once QA_INCLUDE_DIR.'app/users.php';
+
 							// upgrade password or rehash, when options like the cost parameter changed
-							if($haspasswordold || password_needs_rehash($userinfo['passhash'], PASSWORD_BCRYPT)) qa_db_user_set_password($inuserid, $inpassword);
+							if ($haspasswordold || password_needs_rehash($userinfo['passhash'], PASSWORD_BCRYPT)) {
+								qa_db_user_set_password($inuserid, $inpassword);
+							}
 							qa_set_logged_in_user($inuserid, $userinfo['handle'], !empty($inremember));
 
 							$topath=qa_get('to');

qa-include/qa-base.php

@@ -77,7 +77,9 @@
 	qa_load_plugin_files();
 	qa_load_override_files();
 
-	if(!qa_php_version_below('5.3.7')) require_once QA_INCLUDE_DIR.'vendor/password_compat.php';
+	if (!qa_php_version_below('5.3.7')) {
+		require_once QA_INCLUDE_DIR.'vendor/password_compat.php';
+	}
 	require_once QA_INCLUDE_DIR.'qa-db.php';
 
 	qa_db_allow_connect();