*/ if (!defined('PmWiki')) exit();
/*
* HtpasswdForm - An Htpasswd file editor for PmWiki 2.x
* Copyright 2005-2020 by D.Faure (dfaure@cpan.org)
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*
* See http://www.pmwiki.org/wiki/Cookbook/HtpasswdForm for info.
*/
$RecipeInfo['HtpasswdForm']['Version'] = '2020-01-14';
include_once("$FarmD/scripts/authuser.php");
SDV($HtpasswordAuth, 'admin');
SDV($HtpasswordDefaultType, 0);
SDV($HtpasswordDefaultGroup, '');
SDV($HtpasswordCaptcha, 1);
SDV($HtpasswordMandatory, 1);
SDVA($HtpasswordTypes, array(
/* label salt timestamp? */
0 => array('apr1', '$apr1$', true),
1 => array('crypt', null, false),
2 => array('SHA-1', '{SHA}', false),
));
SDVA($HtpasswordMsgFmt, array(
'created' => "
$['%s' has been created.]
",
'deleted' => "$['%s' has been deleted.]
",
'no_name' => "$[no valid name specified.]
",
'unmatched' => "$[passwords don't match.]
",
'renamed' => "$['%s' has been renamed to '%s'.]
",
'passupdated' => "$['%s' password has been updated.]
",
'infoupdated' => "$['%s' comment has been updated.]
",
'usersupdated' => "$['%s' group has been updated.]
",
'no_group' => "$[no group specified.]
",
'useradded' => "$['%s' has been added to '%s'.]
",
'userremoved' => "$['%s' has been removed from '%s'.]
",
'exists' => "$['%s' is already defined. Choose a new one.]
",
'captcha' => "$[Incorrect captcha given.]
",
'mandatory' => "$[password is mandatory.]
",
'' => "
",
));
SDV($HtpasswordForms, array());
$HandleActions['postadmhtpasswd'] = 'HandleHtpasswdAdmForm';
$HandleAuth['postadmhtpasswd'] = $HtpasswordAuth;
$HandleActions['postusrhtpasswd'] = 'HandleHtpasswdUsrForm';
$HandleAuth['postusrhtpasswd'] = 'read';
if(IsEnabled($HtpasswordNewUsers, 0)) {
$HandleActions['postnewhtpasswd'] = 'HandleHtpasswdNewForm';
$HandleAuth['postnewhtpasswd'] = 'read';
}
SDV($EnableHtpassword, HtAuthUserInit($pagename, $HtpasswdFile, 'htpasswd'));
SDV($EnableHtgroup, HtAuthUserInit($pagename, $HtgroupFile, 'htgroup'));
function HtAuthUserInit($pagename, &$file, $authid) {
global $AuthUser, $AuthUserPageFmt;
foreach((array)($AuthUser[$authid]) as $f) {
SDV($file, $f);
break;
}
if(isset($file)) return true;
SDV($AuthUserPageFmt, '$SiteGroup.AuthUser');
$pn = FmtPageName($AuthUserPageFmt, $pagename);
$apage = ReadPage($pn, READPAGE_CURRENT);
if($apage && preg_match("/^\\s*({$authid}):\\s*(.*)/m", $apage['text'], $m)) {
$file = $m[2];
return true;
}
return false;
}
Markup('htpasswdform', ' 0)
foreach($arr as $i => $g) {
$chk = ($i == $PCache[$pagename]['idxgrp']) ? "checked='checked'" : '';
$out[] = "(:cellnr:)(:input radio idxgrp value='{$i}' tabindex='$tx' $chk:)"; $tx++;
$out[] = "(:cell:){$g[0]}\n(:cell colspan='2':){$g[1]}";
}
else
$out[] = "(:cellnr:)\n(:cell colspan='3':)\n\\\\\n%center%(no group)\\\\\\\n";
$l = "(:cellnr:)\n(:cell:)(:input submit rengrp value='$[Rename]' tabindex='$tx':)"; $tx++;
$l .= " (:input submit delgrp value='$[Delete]' tabindex='$tx':)"; $tx++;
$out[] = $l;
$l = "(:cell colspan='2':)(:input submit adduser value='$[Add a User]' tabindex='$tx':)"; $tx++;
$l .= " (:input submit remuser value='$[Remove a User]' tabindex='$tx':)"; $tx++;
$l .= " (:input submit setusers value='$[Set all Users]' tabindex='$tx':)"; $tx++;
$out[] = $l;
$out[] = "(:cellnr:)\n(:cell:)$[Group]:\n(:input text namegrp value='{$PCache[$pagename]['namegrp']}' tabindex='$tx':)"; $tx++;
$out[] = "(:cell colspan='2':)$[User(s)]:\n(:input text users value='' tabindex='$tx':)"; $tx++;
$out[] = "(:cellnr colspan='2':)\n(:cell colspan='2':)(:input submit newgrp value='$[Create Group]' tabindex='$tx':)";
if(IsEnabled($EnableHtpassword, 1)) $out[] = "(:cellnr colspan='4':)\n----";
}
if(IsEnabled($EnableHtpassword, 1) && isset($HtpasswdFile)) {
SDV($PCache[$pagename]['idxusr'], '');
SDV($PCache[$pagename]['nameusr'], '');
$out[] = "(:cellnr colspan='4':)''$HtpasswdFile''";
$out[] = "(:cellnr:)\n(:cell:)'''$[User]'''\n(:cell:)'''$[Password]'''\n(:cell:)'''$[Comment]'''";
$arr = LoadHtpasswd($HtpasswdFile);
if(count($arr) > 0)
foreach($arr as $i => $u) {
$chk = ($i == $PCache[$pagename]['idxusr']) ? "checked='checked'" : '';
$out[] = "(:cellnr:)(:input radio idxusr value='{$i}' tabindex='$tx' $chk:)"; $tx++;
$user = IsEnabled($EnableHtpasswordProfileLinks, 1) ? "%newwin% [[~{$u[0]}]]" : $u[0];
SDV($u[1], ''); SDV($u[2], '');
$out[] = "(:cell:){$user}\n(:cell:)[@{$u[1]}@]\n(:cell:){$u[2]}";
}
else
$out[] = "(:cellnr:)\n(:cell colspan='3':)\n\\\\\n%center%(no user)\\\\\\\n";
$l = "(:cellnr:)\n(:cell:)(:input submit renusr value='$[Rename]' tabindex='$tx':)"; $tx++;
$l .= " (:input submit delusr value='$[Delete]' tabindex='$tx':)"; $tx++;
$out[] = $l;
$out[] = "(:cell:)(:input submit setpw value='$[Set Password]' tabindex='$tx':)"; $tx++;
$out[] = "(:cell:)(:input submit setinfo value='$[Set Comment]' tabindex='$tx':)"; $tx++;
$out[] = "(:cellnr:)\n(:cell:)$[Username]:\n(:input text nameusr value='{$PCache[$pagename]['nameusr']}' tabindex='$tx':)"; $tx++;
$out[] = "(:cell:)$[Password]:\n(:input password passwd value='' tabindex='$tx':)"; $tx2 = ++$tx; $tx++;
$out[] = "(:cell:)$[Comment]:\n(:input text info value='' tabindex='$tx':)"; $tx++;
$out[] = "(:cellnr colspan='2':)\n(:cell:)$[again]:\n(:input password passwd2 value='' tabindex='$tx2':)";
$out[] = "(:cell valign='bottom':)(:input submit newusr value='$[Create User]' tabindex='$tx':)"; $tx++;
$out[] = "(:cellnr colspan='2':)\n(:cell:)";
foreach($HtpasswordTypes as $i => $t) {
$chk = ($i == $HtpasswordDefaultType) ? "checked='checked'" : '';
$out[] = "(:input radio pwtype value='{$i}' tabindex='$tx' $chk:){$t[0]}"; $tx++;
}
$out[] = "(:cell:)";
if(IsEnabled($EnableHtgroup, 1) && $grpCount > 0) {
SDV($PCache[$pagename]['updgrp'], IsEnabled($EnableHtpasswordGroupUpdated, 1));
$chk = $PCache[$pagename]['updgrp'] ? "checked='checked'" : '';
$out[] = "(:input checkbox updgrp tabindex='$tx' value='1' $chk:)$[update group(s)]"; $tx++;
}
}
$out[] = "(:tableend:)(:input end:)\n(:divend:)";
SDV($PCache[$pagename]['focus'], 'nameusr');
if(isset($HtgroupFile) || isset($HtpasswdFile))
$out[] = HtSetFocus('htpasswdadmform', $PCache[$pagename]['focus']);
return implode("\n", $out);
}
function HandleHtpasswdAdmForm($pagename, $auth) {
global $HtpasswordAuth, $EnableHtgroup, $HtgroupFile, $EnableHtpassword,
$HtpasswdFile, $MessagesFmt, $HtpasswordMsgFmt, $HandleActions;
$page = RetrieveAuthPage($pagename, $HtpasswordAuth, false);
if (!$page) Abort('?unauthorized');
PCache($pagename, $page);
$browse = $HandleActions['browse'];
$msg = '';
$idxusr = $_REQUEST['idxusr'];
$idxgrp = $_REQUEST['idxgrp'];
if($EnableHtgroup) { // group handling
if(@$_REQUEST['newgrp']) {
$name = HtpasswdGetFormGroup($pagename, $auth);
$arr = LoadHtgroup($HtgroupFile);
$arr[] = array($name, $_REQUEST['users']);
SaveHtgroup($HtgroupFile, $arr);
$msg = sprintf($HtpasswordMsgFmt['created'], $name);
} elseif(isset($idxgrp)) {
if(@$_REQUEST['delgrp']) {
$arr = LoadHtgroup($HtgroupFile);
$name = $arr[$idxgrp][0];
unset($arr[$idxgrp]);
SaveHtgroup($HtgroupFile, $arr);
$msg = sprintf($HtpasswordMsgFmt['deleted'], $name);
} elseif(@$_REQUEST['rengrp']) {
$new = HtpasswdGetFormGroup($pagename, $auth);
$arr = LoadHtgroup($HtgroupFile);
$name = $arr[$idxgrp][0];
$arr[$idxgrp][0] = $new;
SaveHtgroup($HtgroupFile, $arr);
$msg = sprintf($HtpasswordMsgFmt['renamed'], $name, $new);
} elseif(@$_REQUEST['adduser']) {
$user = $_REQUEST['users'];
if($EnableHtpassword && !$user && isset($idxusr)) {
$arr = LoadHtpasswd($HtpasswdFile);
$user = $arr[$idxusr][0];
}
if($user) {
$arr = LoadHtgroup($HtgroupFile);
$name = $arr[$idxgrp][0];
HtgroupAddUser($arr, $name, $user);
SaveHtgroup($HtgroupFile, $arr);
$msg = sprintf($HtpasswordMsgFmt['useradded'], $user, $name);
}
} elseif(@$_REQUEST['remuser']) {
$user = $_REQUEST['users'];
if($EnableHtpassword && !$user && isset($idxusr)) {
$arr = LoadHtpasswd($HtpasswdFile);
$user = $arr[$idxusr][0];
}
if($user) {
$arr = LoadHtgroup($HtgroupFile);
$name = $arr[$idxgrp][0];
$arr[$idxgrp][1] = HtgroupAlterUsers($arr[$idxgrp][1], $user, '');
SaveHtgroup($HtgroupFile, $arr);
$msg = sprintf($HtpasswordMsgFmt['userremoved'], $user, $name);
}
} elseif(@$_REQUEST['setusers']) {
$arr = LoadHtgroup($HtgroupFile);
$name = $arr[$idxgrp][0];
$arr[$idxgrp][1] = $_REQUEST['users'];
SaveHtgroup($HtgroupFile, $arr);
$msg = sprintf($HtpasswordMsgFmt['usersupdated'], $name);
}
}
}
if($EnableHtpassword) { // user handling
if(@$_REQUEST['newusr']) {
$name = HtpasswdGetFormName($pagename, $auth, true);
$pass = HtpasswdGetFormPasswd($pagename, $auth, $_REQUEST['pwtype']);
$info = $_REQUEST['info'];
$arr = LoadHtpasswd($HtpasswdFile);
if(HtPasswdUserExists($name, $arr))
$msg = sprintf($HtpasswordMsgFmt['exists'], $name);
else {
$arr[] = array($name, $pass, $info);
SaveHtpasswd($HtpasswdFile, $arr);
if($EnableHtgroup && isset($idxgrp) && @$_REQUEST['updgrp']) {
$arr = LoadHtgroup($HtgroupFile);
if(count($arr)) {
$group = $arr[$idxgrp][0];
HtgroupAddUser($arr, $group, $name);
SaveHtgroup($HtgroupFile, $arr);
}
}
$msg = sprintf($HtpasswordMsgFmt['created'], $name);
}
} elseif(isset($idxusr)) {
if(@$_REQUEST['delusr']) {
$arr = LoadHtpasswd($HtpasswdFile);
$name = $arr[$idxusr][0];
unset($arr[$idxusr]);
SaveHtpasswd($HtpasswdFile, $arr);
if($EnableHtgroup && isset($idxgrp) && @$_REQUEST['updgrp']) {
$arr = LoadHtgroup($HtgroupFile);
if(count($arr)) {
for($i = 0; $i < count($arr); $i++)
$arr[$i][1] = HtgroupAlterUsers($arr[$i][1], $name);
SaveHtgroup($HtgroupFile, $arr);
}
}
$msg = sprintf($HtpasswordMsgFmt['deleted'], $name);
} elseif(@$_REQUEST['renusr']) {
$new = HtpasswdGetFormName($pagename, $auth, true);
$arr = LoadHtpasswd($HtpasswdFile);
$name = $arr[$idxusr][0];
$arr[$idxusr][0] = $new;
SaveHtpasswd($HtpasswdFile, $arr);
if($EnableHtgroup && isset($idxgrp) && @$_REQUEST['updgrp']) {
$arr = LoadHtgroup($HtgroupFile);
if(count($arr)) {
for($i = 0; $i < count($arr); $i++)
$arr[$i][1] = HtgroupAlterUsers($arr[$i][1], $name, $new);
SaveHtgroup($HtgroupFile, $arr);
}
}
$msg = sprintf($HtpasswordMsgFmt['renamed'], $name, $new);
} elseif(@$_REQUEST['setpw']) {
$pass = HtpasswdGetFormPasswd($pagename, $auth, $_REQUEST['pwtype']);
$arr = LoadHtpasswd($HtpasswdFile);
$name = $arr[$idxusr][0];
$arr[$idxusr][1] = $pass;
SaveHtpasswd($HtpasswdFile, $arr);
$msg = sprintf($HtpasswordMsgFmt['passupdated'], $name);
} elseif(@$_REQUEST['setinfo']) {
$arr = LoadHtpasswd($HtpasswdFile);
$name = $arr[$idxusr][0];
$arr[$idxusr][2] = $_REQUEST['info'];
SaveHtpasswd($HtpasswdFile, $arr);
$msg = sprintf($HtpasswordMsgFmt['infoupdated'], $name);
}
}
}
$MessagesFmt[] = FmtPageName($msg, $pagename);
$browse($pagename, $auth);
exit();
}
function HtpasswdUsrForm($pagename) {
global $InputAttrs, $HtpasswordForms, $PCache, $AuthId,
$HtpasswordRemindUserInfo, $HtpasswordGetUserInfo, $HtpasswordUpdateUserInfo;
$InputAttrs[] = 'tabindex';
SDV($HtpasswordUpdateUserInfo, $HtpasswordGetUserInfo);
if(IsEnabled($HtpasswordRemindUserInfo, 0)) {
SDV($HtpasswordForms['reminder'],
"(:cell:) \n(:input submit remind value='$[Get Comment]' tabindex='98':)");
$HtpasswordUpdateUserInfo = 1;
}
if(IsEnabled($HtpasswordUpdateUserInfo, 0))
SDV($HtpasswordForms['usrinfo'],
"(:cell:)$[Comment]:\n(:input text info value='\$Info' tabindex='5':)\n");
SDV($HtpasswordForms['user'], "(:messages:)
(:div class='htpasswdform htpasswdusrform':)
(:input form name='htpasswdusrform' '{\$PageUrl}':)(:input hidden action postusrhtpasswd:)
(:table border='0':)
(:cellnr:)$[Name]:\n(:input text nameusr value='\$UserName' tabindex='1':)
(:cell:)$[Old Password]:\n(:input password passwd0 value='' tabindex='2':)
\$UserInfo
(:cellnr:)\n(:cell:)$[New Password]:\n(:input password passwd value='' tabindex='3':)
\$Reminder
(:cellnr:)\n(:cell:)$[again]:\n(:input password passwd2 value='' tabindex='4':)
(:cell valign='bottom':) \n(:input submit change value='$[Change Password]' tabindex='99':)
(:tableend:)(:input end:)\n(:divend:)");
SDV($PCache[$pagename]['nameusr'], @$AuthId);
return FmtPageName(str_replace(array('$UserName', '$UserInfo', '$Info', '$Reminder'),
array($PCache[$pagename]['nameusr'],
$HtpasswordForms['usrinfo'],
htmlspecialchars($PCache[$pagename]['info'], ENT_QUOTES),
$HtpasswordForms['reminder']),
$HtpasswordForms['user']),
$pagename) . HtSetFocus('htpasswdusrform', 'nameusr');
}
function HandleHtpasswdUsrForm($pagename, $auth) {
global $EnableHtpassword, $HtpasswdFile, $HtpasswordDefaultType,
$MessagesFmt, $HtpasswordMsgFmt, $PCache, $HtpasswordRemindUserInfo, $HandleActions;
if($EnableHtpassword) {
$msg = '';
if(@$_REQUEST['change']) {
$name = HtpasswdGetFormName($pagename, $auth);
$arr = LoadHtpasswd($HtpasswdFile);
for($i = 0; $i < count($arr); $i++) {
if($name == $arr[$i][0]) {
$plain = $_REQUEST['passwd0'];
$old = $arr[$i][1];
if(!($old || $plain) || _crypt($plain, $old) == $old) {
$arr[$i][1] = HtpasswdGetFormPasswd($pagename, $auth,
$HtpasswordDefaultType,
$old, false);
if($_REQUEST['info']) {
$arr[$i][2] = ($_REQUEST['info'] == 'clear') ? '' : $_REQUEST['info'];
}
SaveHtpasswd($HtpasswdFile, $arr);
$msg = sprintf($HtpasswordMsgFmt['passupdated'], $name);
}
break;
}
}
} elseif(@$_REQUEST['remind'] && IsEnabled($HtpasswordRemindUserInfo, 0)) {
$name = HtpasswdGetFormName($pagename, $auth);
$arr = LoadHtpasswd($HtpasswdFile);
for($i = 0; $i < count($arr); $i++) {
if($name == $arr[$i][0]) {
$PCache[$pagename]['nameusr'] = $name;
$PCache[$pagename]['info'] = $arr[$i][2];
break;
}
}
}
$MessagesFmt[] = FmtPageName($msg, $pagename);
}
$HandleActions['browse']($pagename, $auth);
exit();
}
function HtpasswdNewForm($pagename, $args) {
global $InputAttrs, $HtpasswordForms, $HtpasswordGetUserInfo,
$HtpasswordCaptcha, $RecipeInfo;
$InputAttrs[] = 'tabindex';
$opt = ParseArgs($args);
if(IsEnabled($HtpasswordGetUserInfo, 0))
SDV($HtpasswordForms['info'],
"(:cell:)$[Comment]:\n(:input text info value='' tabindex='4':)\n");
SDV($opt['page'], '');
SDV($HtpasswordForms['new'], "(:messages:)
(:div class='htpasswdform htpasswdnewform':)
(:input form name='htpasswdnewform' '{\$PageUrl}':)(:input hidden action postnewhtpasswd:)
(:input hidden page '\$TargetPage':)
(:table border='0':)
(:cellnr:)$[Name]:\n(:input text nameusr value='' tabindex='1':)
(:cell:)$[Password]:\n(:input password passwd value='' tabindex='2':)
\$UserInfo
(:cellnr:)\n(:cell:)$[again]:\n(:input password passwd2 value='' tabindex='3':)
(:cell valign='bottom':)(:input submit create value='$[Create]' tabindex='99':)
(:cellnr:)\n(:cell colspan='2':)\$Captcha
(:tableend:)(:input end:)\n(:divend:)");
$captcha = '';
if(IsEnabled($HtpasswordCaptcha, 1) && @$RecipeInfo['Captcha']) {
SDV($HtpasswordForms['captcha'], "$[Enter value]:\n{\$Captcha} (:input captcha:)");
$captcha = FmtPageName($HtpasswordForms['captcha'], $pagename);
}
return FmtPageName(str_replace(array('$UserInfo', '$Captcha', '$TargetPage'),
array($HtpasswordForms['info'], $captcha, $opt['page']),
$HtpasswordForms['new']),
$pagename) . HtSetFocus('htpasswdnewform', 'nameusr');
}
function HandleHtpasswdNewForm($pagename, $auth) {
global $EnableHtpassword, $HtpasswdFile, $HtpasswordGetUserInfo,
$HtpasswordDefaultType, $HtpasswordMsgFmt,
$EnableHtgroup, $HtgroupFile, $HtpasswordDefaultGroup, $MessagesFmt, $AuthId,
$HtpasswordAutoLogin, $HtpasswordNewPageRedirect, $HandleActions,
$HtpasswordCaptcha, $RecipeInfo;
$browse = $HandleActions['browse'];
if($EnableHtpassword) {
$arr = LoadHtpasswd($HtpasswdFile);
if($_REQUEST['create']) {
$newName = HtpasswdGetFormName($pagename, $auth);
$newPass = HtpasswdGetFormPasswd($pagename, $auth, $HtpasswordDefaultType, '', false);
$newInfo = IsEnabled($HtpasswordGetUserInfo, 0) ? $_REQUEST['info'] : '';
if(IsEnabled($HtpasswordCaptcha, 1) && @$RecipeInfo['Captcha'] && ! IsCaptcha()) {
$MessagesFmt[] = FmtPageName($HtpasswordMsgFmt['captcha'], $pagename);
$browse($pagename, $auth);
exit();
}
if(HtPasswdUserExists($newName, $arr)) {
$MessagesFmt[] = FmtPageName(sprintf($HtpasswordMsgFmt['exists'], $newName),
$pagename);
$browse($pagename, $auth);
exit();
}
$arr[] = array($newName, $newPass, $newInfo);
SaveHtpasswd($HtpasswdFile, $arr);
if($EnableHtgroup && $HtgroupFile && $HtpasswordDefaultGroup) {
$arr = LoadHtgroup($HtgroupFile);
HtgroupAddUser($arr, $HtpasswordDefaultGroup, $newName);
SaveHtgroup($HtgroupFile, $arr);
}
SDV($HtpasswordNewPageRedirect, $pagename);
$target = FmtPageName(@$_REQUEST['page'] ?
$_REQUEST['page'] : $HtpasswordNewPageRedirect,
$pagename);
if(IsEnabled($HtpasswordAutoLogin, 1)) {
unset($AuthId);
AuthUserId($target, $newName, $_REQUEST['passwd']);
}
if($target == $pagename) {
$MessagesFmt[] = FmtPageName(sprintf($HtpasswordMsgFmt['created'], $newName),
$pagename);
$browse($pagename, $auth);
}
else
Redirect($target);
exit();
}
}
$browse($pagename, $auth);
}
function HtpasswdGetFormName($pagename, $auth, $adm = false) {
global $PCache, $MessagesFmt, $HtpasswordMsgFmt, $HtpasswordSimpleNameOnly, $HandleActions;
$user = $_REQUEST['nameusr'];
if(!$user || IsEnabled($HtpasswordSimpleNameOnly, 1) && !preg_match('/^\\w+$/', $user)) {
if($adm) {
$PCache[$pagename]['idxusr'] = $_REQUEST['idxusr'];
$PCache[$pagename]['updgrp'] = $_REQUEST['updgrp'];
$PCache[$pagename]['idxgrp'] = $_REQUEST['idxgrp'];
$PCache[$pagename]['namegrp'] = $_REQUEST['namegrp'];
$PCache[$pagename]['focus'] = 'nameusr';
}
$MessagesFmt[] = FmtPageName($HtpasswordMsgFmt['no_name'], $pagename);
$HandleActions['browse']($pagename, $auth);
exit();
}
return $user;
}
function HtpasswdGetFormPasswd($pagename, $auth, $pwtype, $salt = '', $adm = true) {
global $PCache, $MessagesFmt, $HtpasswordMsgFmt, $HtpasswordTypes,
$HtpasswordMandatory, $HandleActions;
$plain = $_REQUEST['passwd'];
$mandatory = IsEnabled($HtpasswordMandatory, 1) && !$plain;
if($mandatory || ($plain != $_REQUEST['passwd2'])) {
$PCache[$pagename]['nameusr'] = $_REQUEST['nameusr'];
$PCache[$pagename]['info'] = $_REQUEST['info'];
if($adm) {
$PCache[$pagename]['idxusr'] = $_REQUEST['idxusr'];
$PCache[$pagename]['updgrp'] = $_REQUEST['updgrp'];
$PCache[$pagename]['idxgrp'] = $_REQUEST['idxgrp'];
$PCache[$pagename]['namegrp'] = $_REQUEST['namegrp'];
$PCache[$pagename]['focus'] = 'passwd';
}
$MessagesFmt[] =
$mandatory ? FmtPageName($HtpasswordMsgFmt['mandatory'], $pagename)
: FmtPageName($HtpasswordMsgFmt['unmatched'], $pagename);
$HandleActions['browse']($pagename, $auth);
exit();
}
if(!$salt) {
$salt = $HtpasswordTypes[$pwtype][1];
if($salt && $HtpasswordTypes[$pwtype][2])
$salt .= substr(md5(microtime() . mt_rand(10000, 32000)), 0, 8);
}
$pw = _crypt($plain, $salt);
return $pw;
}
function HtpasswdGetFormGroup($pagename, $auth) {
global $PCache, $MessagesFmt, $HtpasswordMsgFmt, $HandleActions;
$group = $_REQUEST['namegrp'];
if(!$group) {
$PCache[$pagename]['idxusr'] = $_REQUEST['idxusr'];
$PCache[$pagename]['nameusr'] = $_REQUEST['nameusr'];
$PCache[$pagename]['updgrp'] = $_REQUEST['updgrp'];
$PCache[$pagename]['idxgrp'] = $_REQUEST['idxgrp'];
$PCache[$pagename]['focus'] = 'namegrp';
$MessagesFmt[] = FmtPageName($HtpasswordMsgFmt['no_group'], $pagename);
$HandleActions['browse']($pagename, $auth);
exit();
}
return $group;
}
# --- Utilities ---
function HtPasswdUserExists($name, $arr) {
for($i = 0; $i < count($arr); $i++)
if($name == $arr[$i][0]) return true;
return false;
}
function HtQuoteUser($user) {
if(preg_match("/['\"\\s]/", $user))
$user = "'" . preg_replace("/'/", "\\'", $user) . "'";
return $user;
}
function HtUnquoteUser($user) {
return preg_replace(array('/^(["\'])(.*)\\1$/', '/\\\(["\'])/'),
array('$2', '$1'), $user);
}
function HtgroupAlterUsers($users, $name, $new = '') {
if(preg_match_all('/(\w+
|"[^\\\\"]*(?:\\\\.[^\\\\"]*)*"
|\'[^\\\\\']*(?:\\\\.[^\\\\\']*)*\')/x',
$users, $m, PREG_PATTERN_ORDER)) {
$uar = array();
foreach($m[0] as $user) {
if(HtUnquoteUser($user) == $name) {
if($new) $uar[] = HtQuoteUser($new);
} else $uar[] = $user;
}
if(!$name && $new)
$uar[] = HtQuoteUser($new);
return implode(' ', $uar);
}
return $new ? $new : $users;
}
function HtgroupAddUser(&$arr, $group, $user) {
for($i = 0; $i < count($arr); $i++)
if($arr[$i][0] == $group) {
$arr[$i][1] = HtgroupAlterUsers($arr[$i][1], '', $user);
break;
}
}
function HtSetFocus($form, $name, $set = false) {
return '<:block>' . Keep("");
}
# --- File management ---
function HtPasswdCmp($x, $y) {
return strcasecmp($x[0], $y[0]);
}
function HtArraySort(&$arr, $flag) {
global $HtPasswdCmpFunc;
SDV($HtPasswdCmpFunc, 'HtPasswdCmp');
if($flag) usort($arr, $HtPasswdCmpFunc);
}
function LoadHtpasswd($f) {
$arr = array();
$fp = @fopen($f, "r");
if($fp) {
while($l = fgets($fp, 1024)) {
$l = rtrim($l);
$arr[] = explode(':', $l, 3);
}
fclose($fp);
}
return $arr;
}
function SaveHtpasswd($f, $arr) {
global $HtpasswordSortedFile;
if(is_file($f) && !is_writable($f))
Abort("Cannot write to $f (htpasswd)...changes not saved");
HtArraySort($arr, IsEnabled($HtpasswordSortedFile, 0));
ignore_user_abort(true);
$fp = fopen($f, "w+");
if(flock($fp, LOCK_EX)) {
foreach($arr as $u)
@fputs($fp, "$u[0]:$u[1]" . ($u[2] ? ":$u[2]" : '') . "\n");
flock($fp, LOCK_UN);
}
fclose($fp);
ignore_user_abort(false);
}
function LoadHtgroup($f) {
$arr = array();
$fp = @fopen($f, "r");
if($fp) {
while($l = fgets($fp, 4096)) {
if (preg_match('/^(\\w[^\\s:]+)\\s*:(.*)$/', trim($l), $m)) {
/*
$gl = preg_split('/[\\s,]+/', $m[2], -1, PREG_SPLIT_NO_EMPTY);
$arr[] = array($m[1], $gl);
#*/
$arr[] = array($m[1], $m[2]);
}
}
fclose($fp);
}
return $arr;
}
function SaveHtgroup($f, $arr) {
global $HtgroupSortedFile;
if(is_file($f) && !is_writable($f))
Abort("Cannot write to $f (htgroup)...changes not saved");
HtArraySort($arr, IsEnabled($HtgroupSortedFile, 0));
ignore_user_abort(true);
$fp = fopen($f, "w+");
if(flock($fp, LOCK_EX)) {
foreach($arr as $g)
/* fputs($fp, "$g[0]:" . implode(' ', $g[1]) . "\n");
#*/
fputs($fp, "$g[0]:$g[1]\n");
flock($fp, LOCK_UN);
}
fclose($fp);
ignore_user_abort(false);
}