FIX: Correct location of ticket enter form

[gigi.git] / src / org / cacert / gigi / pages / LoginPage.java

diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java
index 7f34f071bb72581aae38ab9299abecf621f28d0c..128855fcf0dced4e2ed690cfda5c92fdc887ed88 100644 (file)
--- a/src/org/cacert/gigi/pages/LoginPage.java
+++ b/src/org/cacert/gigi/pages/LoginPage.java
@@ -19,7 +19,7 @@ import org.cacert.gigi.database.GigiResultSet;
 import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.localisation.Language;
-import org.cacert.gigi.output.Form;
+import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.util.PasswordHash;
 
 public class LoginPage extends Page {
@@ -97,7 +97,15 @@ public class LoginPage extends Page {
         ps.setString(1, un);
         GigiResultSet rs = ps.executeQuery();
         if (rs.next()) {
-            if (PasswordHash.verifyHash(pw, rs.getString(1))) {
+            String dbHash = rs.getString(1);
+            String hash = PasswordHash.verifyHash(pw, dbHash);
+            if (hash != null) {
+                if ( !hash.equals(dbHash)) {
+                    GigiPreparedStatement gps = DatabaseConnection.getInstance().prepare("UPDATE `users` SET `password`=? WHERE `email`=?");
+                    gps.setString(1, hash);
+                    gps.setString(2, un);
+                    gps.executeUpdate();
+                }
                 loginSession(req, User.getById(rs.getInt(2)));
             }
         }
@@ -116,6 +124,7 @@ public class LoginPage extends Page {
         if (rs.next()) {
             loginSession(req, User.getById(rs.getInt(1)));
             req.getSession().setAttribute(CERT_SERIAL, serial);
+            req.getSession().setAttribute(CERT_ISSUER, x509Certificate.getIssuerDN());
         }
         rs.close();
     }