*/ if (!defined('PmWiki')) exit();
/*
* FAST Membership - Simple AuthUser addon's for PmWiki
* Modified from HtpasswdForm by D.Faure (dfaure@cpan.org)
* By Caveman (editor@fast.st)
*
* You can redistribute it and/or modify it under the terms of the GNU General
* Public License as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*
* See http://www.pmwiki.org/wiki/Cookbook/FAST Membership & HtpasswdForm for info.
*/
# If the admin hasn't configured any password entries, just return.
if (!$AuthUser) return;
global $AuthUser, $HandleActions;
foreach((array)($AuthUser['htpasswd']) as $f) {
SDV($HtpasswdFile, $f);
break;
}
SDVA($HtpasswordFmt, array(
'created' => "
$['%s' has been created.]
",
'exists' =>"$[Member already exists. Please try again:]",
'deleted' => "$['%s' has been deleted.]
",
'no_user' => "$[no user name specified.]
",
'unmatched' => "$[passwords don't match.]
",
'renamed' => "$['%s' has been renamed to '%s'.]
",
'updated' => "$['%s' password has been updated.]
",
));
$HandleActions['postadmhtpasswd'] = 'HandleHtpasswdAdmForm';
$HandleActions['postusrhtpasswd'] = 'HandleHtpasswdUsrForm';
$HandleActions['postnewhtpasswd'] = 'HandleHtpasswdNewForm';
SDV($_enteredName, '');
SDV($_selectedName, 0);
Markup('htpasswdform', ' $u) {
$out[] = "\n(:cellnr:)(:input radio idx value='$i' ";
$out[] = ($i == $_selectedName) ? "checked='on'" : '';
$out[] = ":)\n(:cell:)$u[0]\n(:cell:)[@$u[1]@]\n(:cell:)$u[2]\n";
}
$out[] = "(:cellnr:)\n(:cell:)(:input submit rename value='$[Rename]':)\n(:cell:)(:input submit setpw value='$[Set Password]':)\n(:cell:)(:input submit delete value='$[Delete]':)\n
(:cellnr:)\n(:cell:)$[Name]:\n(:input text logname value='$_enteredName':)\n(:cell:)$[Password]:\n(:input password passwd value='':)\n
(:cellnr colspan='2':)\n(:cell:)$[again]:\n(:input password passwd2 '':)\n(:cell valign='bottom':)(:input submit create value='$[Create]':)\n
(:cellnr colspan='2':)\n(:cell colspan='2':)(:input radio pwtype value='0':)crypt (:input radio pwtype value='1' checked='on':)apr1\n
(:tableend:)(:input end:)";
return implode('', $out);
}
function HandleHtpasswdAdmForm($pagename) {
global $HtpasswdFile, $MessagesFmt, $HtpasswordFmt;
$msg = '';
$arr = LoadHtpasswd($HtpasswdFile);
if($_REQUEST['create']) {
$newName = GetHtpasswdFormName($pagename);
$newPass = GetHtpasswdFormPasswd($pagename);
$arr[] = array($newName, $newPass);
SaveHtpasswd($HtpasswdFile, $arr);
$msg = sprintf($HtpasswordFmt['created'], $newName);
} elseif($_REQUEST['delete']) {
$oldName = $arr[$_REQUEST['idx']][0];
unset($arr[$_REQUEST['idx']]);
SaveHtpasswd($HtpasswdFile, $arr);
$msg = sprintf($HtpasswordFmt['deleted'], $oldName);
} elseif($_REQUEST['rename']) {
$oldName = $arr[$_REQUEST['idx']][0];
$newName = GetHtpasswdFormName($pagename);
$arr[$_REQUEST['idx']][0] = $newName;
SaveHtpasswd($HtpasswdFile, $arr);
$msg = sprintf($HtpasswordFmt['renamed'], $oldName, $newName);
} elseif($_REQUEST['setpw']) {
$oldName = $arr[$_REQUEST['idx']][0];
$newPass = GetHtpasswdFormPasswd($pagename);
$arr[$_REQUEST['idx']][1] = $newPass;
SaveHtpasswd($HtpasswdFile, $arr);
$msg = sprintf($HtpasswordFmt['updated'], $oldName);
}
$MessagesFmt[] = FmtPageName($msg, $pagename);
HandleBrowse($pagename);
exit;
}
function GetHtpasswdFormName($pagename) {
global $_selectedName, $MessagesFmt, $HtpasswordFmt;
$user = $_REQUEST['logname'];
if(!$user) {
$_selectedName = $_REQUEST['idx'];
$MessagesFmt[] = $HtpasswordFmt['no_user'];
HandleBrowse($pagename);
exit;
}
return $user;
}
function GetHtpasswdFormPasswd($pagename) {
global $_selectedName, $_enteredName, $MessagesFmt, $HtpasswordFmt;
$plain = $_REQUEST['passwd'];
if($plain != $_REQUEST['passwd2']) {
$_selectedName = $_REQUEST['idx'];
$_enteredName = $_REQUEST['logname'];
$MessagesFmt[] = $HtpasswordFmt['unmatched'];
HandleBrowse($pagename);
exit;
}
$pw = '';
if($plain) {
$salt = $_REQUEST['pwtype'] ?
'$apr1$' . substr(md5(microtime() . mt_rand(10000, 32000)), 0, 8) : null;
$pw = _crypt($plain, $salt);
}
return $pw;
}
function LoadHtpasswd($f) {
$arr = array();
$fp = fopen($f, "r");
if($fp) {
while($l = fgets($fp, 1024)) {
$l = rtrim($l);
$arr[] = explode(':', $l, 3);
}
fclose($fp);
}
return $arr;
}
function SaveHtpasswd($f, $arr) {
ignore_user_abort(true);
$fp = fopen($f, "w+");
if(flock($fp, LOCK_EX)) {
foreach($arr as $u)
fputs($fp, "$u[0]:$u[1]" . ($u[2] ? ":$u[2]" : '') . "\n");
flock($fp, LOCK_UN); // release the lock
}
fclose($fp);
ignore_user_abort(false);
}