Commit 0afc1a25 authored by Robert Lyon's avatar Robert Lyon Committed by Gerrit Code Review
Browse files

Merge "Bug #1694342: clean password from event_log takes long time" into 16.10_STABLE

parents af207c8f b13178e7
......@@ -4885,28 +4885,49 @@ function xmldb_core_upgrade($oldversion=0) {
}
if ($oldversion < 2016090223) {
if ($records = get_records_sql_array("SELECT event, data, time FROM {event_log} WHERE event = ?", array('createuser'))) {
log_debug('Remove sensitive data from event_log');
$count = 0;
$limit = 1000;
$total = count($records);
foreach ($records as $record) {
$where = clone $record;
$data = json_decode($record->data);
if (isset($data->password)) {
unset($data->password);
$cleandata = json_encode($data);
$record->data = $cleandata;
update_record('event_log', $record, $where);
set_field('usr', 'passwordchange', 1, 'username', $data->username);
}
$count++;
if (($count % $limit) == 0 || $count == $total) {
log_debug("$count/$total");
set_time_limit(30);
}
}
}
// These are the records with passwords in the data.
if ($records = get_records_sql_array("SELECT event, data, time
FROM {event_log}
WHERE event = ?
AND position(',\"password\":\"\",' in data) = 0
", array('createuser'))) {
log_debug('Remove sensitive data from event_log');
$count = 0;
$limit = 1000;
$total = count($records);
foreach ($records as $record) {
$where = clone $record;
$data = json_decode($record->data);
if (isset($data->password)) {
unset($data->password);
$cleandata = json_encode($data);
$record->data = $cleandata;
update_record('event_log', $record, $where);
set_field('usr', 'passwordchange', 1, 'username', $data->username);
}
$count++;
if (($count % $limit) == 0 || $count == $total) {
log_debug("$count/$total");
set_time_limit(30);
}
}
}
// These are the records with empty passwords in the data.
// No need for them to reset the password.
log_debug('Update sensitive data from event_log');
$sql_count = "SELECT COUNT(*)
FROM {event_log}
WHERE event = ?
AND position(',\"password\":\"\",' in data) > 0";
$count = get_field_sql($sql_count, array('createuser'));
if ($count > 0) {
$sql = "UPDATE {event_log}
SET data = replace(data, ',\"password\":\"\"', '')
WHERE event = ?
AND position(',\"password\":\"\",' in data) > 0";
execute_sql($sql,array('createuser'));
}
log_debug("$count records updated.");
}
if ($oldversion < 2016090226) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment