diff --git a/src/main/java/fr/xephi/authme/datasource/MySQLDataSource.java b/src/main/java/fr/xephi/authme/datasource/MySQLDataSource.java index 6cbe7875a..d0f84b8d1 100644 --- a/src/main/java/fr/xephi/authme/datasource/MySQLDataSource.java +++ b/src/main/java/fr/xephi/authme/datasource/MySQLDataSource.java @@ -10,6 +10,7 @@ import fr.xephi.authme.datasource.MiniConnectionPoolManager.TimeoutException; import fr.xephi.authme.security.HashAlgorithm; import fr.xephi.authme.settings.Settings; +import java.sql.Blob; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; @@ -209,7 +210,9 @@ public class MySQLDataSource implements DataSource { pst = con.prepareStatement("SELECT * FROM xf_user_authenticate WHERE " + columnID + "=?;"); pst.setInt(1, id); if (rs.next()) { - pAuth.setHash(rs.getString(columnPassword)); + Blob blob = rs.getBlob("data"); + byte[] bytes = blob.getBytes(1, (int) blob.length()); + pAuth.setHash(new String(bytes)); } } } else { @@ -376,18 +379,22 @@ public class MySQLDataSource implements DataSource { } } if (Settings.getPasswordHash == HashAlgorithm.XENFORO) { - int id; + int id; ResultSet rs = null; pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnName + "=?;"); pst.setString(1, auth.getNickname()); rs = pst.executeQuery(); if (rs.next()) { - id = rs.getInt(columnID); - // Insert password in the correct table - pst = con.prepareStatement("INSERT INTO xf_user_authenticate (user_id, scheme_class, data) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "XenForo_Authentication_Core12"); - pst.setString(3, auth.getHash()); + id = rs.getInt(columnID); + // Insert password in the correct table + pst = con.prepareStatement("INSERT INTO xf_user_authenticate (user_id, scheme_class, data) VALUES (?,?,?);"); + pst.setInt(1, id); + pst.setString(2, "XenForo_Authentication_Core12"); + byte[] bytes = auth.getHash().getBytes(); + Blob blob = con.createBlob(); + blob.setBytes(1, bytes); + pst.setBlob(3, blob); + pst.executeUpdate(); } } } catch (SQLException ex) { @@ -420,11 +427,14 @@ public class MySQLDataSource implements DataSource { pst.setString(1, auth.getNickname()); rs = pst.executeQuery(); if (rs.next()) { - id = rs.getInt(columnID); - // Insert password in the correct table - pst = con.prepareStatement("UPDATE xf_user_authenticate SET data=? WHERE " + columnID + "=?;"); - pst.setString(1, auth.getHash()); - pst.setInt(2, id); + id = rs.getInt(columnID); + // Insert password in the correct table + pst = con.prepareStatement("UPDATE xf_user_authenticate SET data=? WHERE " + columnID + "=?;"); + byte[] bytes = auth.getHash().getBytes(); + Blob blob = con.createBlob(); + blob.setBytes(1, bytes); + pst.setBlob(1, blob); + pst.setInt(2, id); } } } catch (SQLException ex) { diff --git a/src/main/java/fr/xephi/authme/threads/MySQLThread.java b/src/main/java/fr/xephi/authme/threads/MySQLThread.java index 59a130624..94b7e6462 100644 --- a/src/main/java/fr/xephi/authme/threads/MySQLThread.java +++ b/src/main/java/fr/xephi/authme/threads/MySQLThread.java @@ -1,5 +1,6 @@ package fr.xephi.authme.threads; +import java.sql.Blob; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; @@ -238,7 +239,9 @@ public class MySQLThread extends Thread implements DataSource { pst = con.prepareStatement("SELECT * FROM xf_user_authenticate WHERE " + columnID + "=?;"); pst.setInt(1, id); if (rs.next()) { - pAuth.setHash(rs.getString(columnPassword)); + Blob blob = rs.getBlob("data"); + byte[] bytes = blob.getBytes(1, (int) blob.length()); + pAuth.setHash(new String(bytes)); } } } else { @@ -405,18 +408,22 @@ public class MySQLThread extends Thread implements DataSource { } } if (Settings.getPasswordHash == HashAlgorithm.XENFORO) { - int id; + int id; ResultSet rs = null; pst = con.prepareStatement("SELECT * FROM " + tableName + " WHERE " + columnName + "=?;"); pst.setString(1, auth.getNickname()); rs = pst.executeQuery(); if (rs.next()) { - id = rs.getInt(columnID); - // Insert password in the correct table - pst = con.prepareStatement("INSERT INTO xf_user_authenticate (user_id, scheme_class, data) VALUES (?,?,?);"); - pst.setInt(1, id); - pst.setString(2, "XenForo_Authentication_Core12"); - pst.setString(3, auth.getHash()); + id = rs.getInt(columnID); + // Insert password in the correct table + pst = con.prepareStatement("INSERT INTO xf_user_authenticate (user_id, scheme_class, data) VALUES (?,?,?);"); + pst.setInt(1, id); + pst.setString(2, "XenForo_Authentication_Core12"); + byte[] bytes = auth.getHash().getBytes(); + Blob blob = con.createBlob(); + blob.setBytes(1, bytes); + pst.setBlob(3, blob); + pst.executeUpdate(); } } } catch (SQLException ex) { @@ -452,7 +459,10 @@ public class MySQLThread extends Thread implements DataSource { id = rs.getInt(columnID); // Insert password in the correct table pst = con.prepareStatement("UPDATE xf_user_authenticate SET data=? WHERE " + columnID + "=?;"); - pst.setString(1, auth.getHash()); + byte[] bytes = auth.getHash().getBytes(); + Blob blob = con.createBlob(); + blob.setBytes(1, bytes); + pst.setBlob(1, blob); pst.setInt(2, id); } }