X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2FLoginPage.java;h=ed01ceb6ccc90e9817cbe1fc64546f136ecaa08e;hb=a1a980dd0cc65f33a6189eb81a164fe79abb647c;hp=b19e8f5b5625d3e1bf64d8256769f9163b684998;hpb=cd14b85c60f736a643842b421b11f41d8fca86c7;p=gigi.git

diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java
index b19e8f5b..ed01ceb6 100644
--- a/src/org/cacert/gigi/pages/LoginPage.java
+++ b/src/org/cacert/gigi/pages/LoginPage.java
@@ -97,8 +97,17 @@ public class LoginPage extends Page {
         ps.setString(1, un);
         GigiResultSet rs = ps.executeQuery();
         if (rs.next()) {
-            if (PasswordHash.verifyHash(pw, rs.getString(1))) {
+            String dbHash = rs.getString(1);
+            String hash = PasswordHash.verifyHash(pw, dbHash);
+            if (hash != null) {
+                if ( !hash.equals(dbHash)) {
+                    GigiPreparedStatement gps = DatabaseConnection.getInstance().prepare("UPDATE `users` SET `password`=? WHERE `email`=?");
+                    gps.setString(1, hash);
+                    gps.setString(2, un);
+                    gps.executeUpdate();
+                }
                 loginSession(req, User.getById(rs.getInt(2)));
+                req.getSession().setAttribute(LOGIN_METHOD, "Password");
             }
         }
         rs.close();
@@ -117,6 +126,7 @@ public class LoginPage extends Page {
             loginSession(req, User.getById(rs.getInt(1)));
             req.getSession().setAttribute(CERT_SERIAL, serial);
             req.getSession().setAttribute(CERT_ISSUER, x509Certificate.getIssuerDN());
+            req.getSession().setAttribute(LOGIN_METHOD, "Certificate");
         }
         rs.close();
     }