public function generatePassword(Request $request)
{
$data = 'POST' === $request->getMethod() ? $this->handleRequest($request) : $request->query->all();
$generator = new \PWGen();
$generator->setCapitalize((bool) $data['upper_case'])->setNumerals((bool) $data['numbers'])->setSecure((bool) $data['secure'])->setSymbols((bool) $data['symbols'])->setLength((int) $data['length']);
return new JsonResponse(['password' => $generator->generate()], 200);
}
/**
* @param \ArrayObject $project
*
* @return mixed
*/
public function create(\ArrayObject $project)
{
$project["dbuser"] = $this->dialogProvider->askFor("Enter a PostgreSQL username", null, $project["name"]);
$pwgen = new \PWGen();
$project["dbpass"] = $this->dialogProvider->askFor("Enter a PostgreSQL password", null, $pwgen->generate());
$project["dbname"] = $this->dialogProvider->askFor("Enter a PostgreSQL databasename", null, $project["name"]);
$project["dbserver"] = $this->dialogProvider->askFor("Enter a PostgreSQL server host", null, "localhost");
}
public static function generate($intLength = 8, $blnPreventAmbiguous = true, $arrAlphabets = null, $arrRules = null, $strAllowedSpecialChars = null)
{
$arrAlphabets = is_array($arrAlphabets) ? $arrAlphabets : static::$arrAlphabets;
$arrRules = is_array($arrRules) ? $arrRules : static::$arrRules;
$strAllowedSpecialChars = $strAllowedSpecialChars !== null ? $strAllowedSpecialChars : static::$strAllowedSpecialChars;
$pwGen = new \PWGen($intLength, false, in_array(CodeGenerator::NUMBERS, $arrAlphabets) && in_array(CodeGenerator::NUMBERS, $arrRules), in_array(CodeGenerator::CAPITAL_LETTERS, $arrAlphabets) && in_array(CodeGenerator::CAPITAL_LETTERS, $arrRules), $blnPreventAmbiguous, false, in_array(CodeGenerator::SPECIAL_CHARS, $arrAlphabets) && in_array(CodeGenerator::SPECIAL_CHARS, $arrRules));
$strCode = $pwGen->generate();
// replace remaining ambiguous characters
if ($blnPreventAmbiguous) {
$arrCharReplacements = array('y', 'Y', 'z', 'Z', 'o', 'O', 'i', 'I', 'l');
foreach ($arrCharReplacements as $strChar) {
$strCode = str_replace($strChar, StringUtil::randomChar(!$blnPreventAmbiguous), $strCode);
}
}
// apply allowed alphabets
$strForbiddenPattern = '';
$strAllowedChars = '';
if (!in_array(CodeGenerator::CAPITAL_LETTERS, $arrAlphabets)) {
$strForbiddenPattern .= 'A-Z';
} else {
$strAllowedChars .= $blnPreventAmbiguous ? StringUtil::CAPITAL_LETTERS_NONAMBIGUOUS : StringUtil::CAPITAL_LETTERS;
}
if (!in_array(CodeGenerator::SMALL_LETTERS, $arrAlphabets)) {
$strForbiddenPattern .= 'a-z';
} else {
$strAllowedChars .= $blnPreventAmbiguous ? StringUtil::SMALL_LETTERS_NONAMBIGUOUS : StringUtil::SMALL_LETTERS;
}
if (!in_array(CodeGenerator::NUMBERS, $arrAlphabets)) {
$strForbiddenPattern .= '0-9';
} else {
$strAllowedChars .= $blnPreventAmbiguous ? StringUtil::NUMBERS_NONAMBIGUOUS : StringUtil::NUMBERS;
}
if ($strForbiddenPattern) {
$strCode = preg_replace_callback('@[' . $strForbiddenPattern . ']{1}@', function () use($strAllowedChars) {
return StringUtil::random($strAllowedChars);
}, $strCode);
}
// special chars
if (!in_array(CodeGenerator::SPECIAL_CHARS, $arrAlphabets)) {
$strCode = preg_replace_callback('@[^' . $strAllowedChars . ']{1}@', function () use($strAllowedChars) {
return StringUtil::random($strAllowedChars);
}, $strCode);
} else {
$strCode = preg_replace_callback('@[^' . $strAllowedChars . ']{1}@', function () use($strAllowedSpecialChars) {
return StringUtil::random($strAllowedSpecialChars);
}, $strCode);
}
return $strCode;
}
/**
* This method initializes all static vars which contain complex datatypes.
* It acts somewhat like a static block in Java. Since PHP does not support this principle, the method
* is called from the constructor. Because of that you can not access the static vars unless there
* exists at least one object of the class.
*/
private static function __static()
{
if (!self::$initialized) {
self::$initialized = true;
self::$elements = array(new PWElement('a', self::VOWEL), new PWElement('ae', self::VOWEL | self::DIPHTHONG), new PWElement('ah', self::VOWEL | self::DIPHTHONG), new PWElement('ai', self::VOWEL | self::DIPHTHONG), new PWElement('b', self::CONSONANT), new PWElement('c', self::CONSONANT), new PWElement('ch', self::CONSONANT | self::DIPHTHONG), new PWElement('d', self::CONSONANT), new PWElement('e', self::VOWEL), new PWElement('ee', self::VOWEL | self::DIPHTHONG), new PWElement('ei', self::VOWEL | self::DIPHTHONG), new PWElement('f', self::CONSONANT), new PWElement('g', self::CONSONANT), new PWElement('gh', self::CONSONANT | self::DIPHTHONG | self::NOT_FIRST), new PWElement('h', self::CONSONANT), new PWElement('i', self::VOWEL), new PWElement('ie', self::VOWEL | self::DIPHTHONG), new PWElement('j', self::CONSONANT), new PWElement('k', self::CONSONANT), new PWElement('l', self::CONSONANT), new PWElement('m', self::CONSONANT), new PWElement('n', self::CONSONANT), new PWElement('ng', self::CONSONANT | self::DIPHTHONG | self::NOT_FIRST), new PWElement('o', self::VOWEL), new PWElement('oh', self::VOWEL | self::DIPHTHONG), new PWElement('oo', self::VOWEL | self::DIPHTHONG), new PWElement('p', self::CONSONANT), new PWElement('ph', self::CONSONANT | self::DIPHTHONG), new PWElement('qu', self::CONSONANT | self::DIPHTHONG), new PWElement('r', self::CONSONANT), new PWElement('s', self::CONSONANT), new PWElement('sh', self::CONSONANT | self::DIPHTHONG), new PWElement('t', self::CONSONANT), new PWElement('th', self::CONSONANT | self::DIPHTHONG), new PWElement('u', self::VOWEL), new PWElement('v', self::CONSONANT), new PWElement('w', self::CONSONANT), new PWElement('x', self::CONSONANT), new PWElement('y', self::CONSONANT), new PWElement('z', self::CONSONANT));
self::$pw_ambiguous = 'B8G6I1l0OQDS5Z2';
self::$pw_symbols = "!\"#\$%&'()*+,-./:;<=>?@[\\]^_`{|}~";
self::$pw_digits = '0123456789';
self::$pw_uppers = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
self::$pw_lowers = 'abcdefghijklmnopqrstuvwxyz';
self::$pw_vowels = '01aeiouyAEIOUY';
}
}
}
} else {
//no one has this email ... alert
echo '[{"error":"error_email" , "message":"' . $txt['forgot_my_pw_error_email_not_exist'] . '"}]';
}
break;
//Send to user his new pw if key is conform
//Send to user his new pw if key is conform
case "generate_new_password":
//check if key is okay
$data = $db->fetch_row("SELECT valeur FROM " . $pre . "misc WHERE intitule = '" . $_POST['login'] . "' AND type = 'password_recovery'");
if ($_POST['key'] == $data[0]) {
//Generate and change pw
$new_pw = "";
include '../includes/libraries/pwgen/pwgen.class.php';
$pwgen = new PWGen();
$pwgen->setLength(10);
$pwgen->setSecure(true);
$pwgen->setSymbols(false);
$pwgen->setCapitalize(true);
$pwgen->setNumerals(true);
$new_pw_not_crypted = $pwgen->generate();
$new_pw = encrypt(string_utf8_decode($new_pw_not_crypted));
//update DB
$db->query_update("users", array('pw' => $new_pw), "login = '******'login'] . "'");
//Delete recovery in DB
$db->query_delete("misc", array('type' => 'password_recovery', 'intitule' => $_POST['login'], 'valeur' => $key));
//Get email
$data_user = $db->query_first("SELECT email FROM " . $pre . "users WHERE login = '******'login'] . "'");
$_SESSION['validite_pw'] = false;
//load library
/**
* A wrapper for PWGen
*/
public static function generatePassword($random = true)
{
$pwgen = new \PWGen();
return $pwgen->generate();
}
//return data
echo $return_values;
break;
/*
* CASE
* Generate a password
*/
/*
* CASE
* Generate a password
*/
case "pw_generate":
$key = "";
//call class
include '../includes/libraries/pwgen/pwgen.class.php';
$pwgen = new PWGen();
// Set pw size
$pwgen->setLength($_POST['size']);
// Include at least one number in the password
$pwgen->setNumerals($_POST['num'] == "true" ? true : false);
// Include at least one capital letter in the password
$pwgen->setCapitalize($_POST['maj'] == "true" ? true : false);
// Include at least one symbol in the password
$pwgen->setSymbols($_POST['symb'] == "true" ? true : false);
// Complete random, hard to memorize password
if (isset($_POST['secure']) && $_POST['secure'] == "true") {
$pwgen->setSecure(true);
$pwgen->setSymbols(true);
$pwgen->setCapitalize(true);
$pwgen->setNumerals(true);
} else {
echo 'document.getElementById(\'item_details_ok\').style.display = "none";';
echo 'document.getElementById(\'item_details_expired\').style.display="none";';
echo '$(\'#menu_button_edit_item, #menu_button_del_item, #menu_button_copy_item, #menu_button_add_fav, #menu_button_del_fav, #menu_button_show_pw, #menu_button_copy_pw, #menu_button_copy_login, #menu_button_copy_link\').attr(\'disabled\',\'disabled\');';
}
break;
#############
### CASE ####
### Generate a password
#############
### CASE ####
### Generate a password
case "pw_generate":
$key = "";
//call class
include '../includes/libraries/pwgen/pwgen.class.php';
$pwgen = new PWGen();
// Set pw size
$pwgen->setLength($_POST['size']);
// Include at least one number in the password
$pwgen->setNumerals($_POST['num'] == "true" ? true : false);
// Include at least one capital letter in the password
$pwgen->setCapitalize($_POST['maj'] == "true" ? true : false);
// Include at least one symbol in the password
$pwgen->setSymbols($_POST['symb'] == "true" ? true : false);
// Complete random, hard to memorize password
if ($_POST['secure'] == "true") {
$pwgen->setSecure(true);
$pwgen->setSymbols(true);
$pwgen->setCapitalize(true);
$pwgen->setNumerals(true);
} else {
"> *</td></tr>
<tr><td align="right"><b>Hostname:</b></td><td><input type="text" name="host" size="30" maxlength="30" value="<?php
if (isset($host)) {
echo $host;
}
?>
"> *</td></tr>
<tr><td align="right"><b>IP:</b></td><td><input type="text" name="ip" onBlur="isIP(this)" size="30" maxlength="30" value="<?php
if (isset($ip)) {
echo $ip;
}
?>
"> *</td></tr>
<?php
include 'pwgen.class.php';
$pwgen = new PWGen();
$password = $pwgen->generate();
?>
<tr><td align="right"><b>Usuário:</b></td><td><input type="text" name="user" size="15" maxlength="60" value="<?php
if (isset($user)) {
echo $user;
}
?>
"> *</td></tr>
<tr><td align="right"><b>Senha:</b></td><td><input type="password" name="password" size="15" maxlength="30"> *</td><td align="left"><b>Sugestão de senha:</b>
<font color="red" size="4"><?php
if (isset($password)) {
echo $password;
}
?>
</font>
/**
* Disallow certain special chars
* @param array $symbols
*/
public function blacklistSymbol(array $symbols)
{
foreach ($symbols as $symbol) {
if (!preg_match('/' . preg_quote($symbol) . '/', self::$pw_symbols)) {
return;
}
}
$symbolArray = str_split(self::$pw_symbols);
foreach ($symbols as $symbol) {
$index = array_search($symbol, $symbolArray);
unset($symbolArray[$index]);
}
self::$pw_symbols = implode('', $symbolArray);
}
/**
* Generate password provides a generated password
*
*
* @return password (plaintext)
*/
public function generate_password()
{
include CMFPATH . "vendor/passgen/pwgen.class.php";
$pwgen = new \PWGen();
$password = $pwgen->generate();
return $password;
}
}
if (!empty($return)) {
//save file
$filename = 'db-backup-' . time() . '.sql';
$path = '../files/';
$handle = fopen($path . $filename, 'w+');
//Encrypt the file
if (!empty($_POST['option'])) {
$return = encrypt($return, $_POST['option']);
}
//write file
fwrite($handle, $return);
fclose($handle);
//generate 2d key
include '../includes/libraries/pwgen/pwgen.class.php';
$pwgen = new PWGen();
$pwgen->setLength(20);
$pwgen->setSecure(true);
$pwgen->setSymbols(false);
$pwgen->setCapitalize(true);
$pwgen->setNumerals(true);
$_SESSION['key_tmp'] = $pwgen->generate();
echo '[{"result":"db_backup" , "href":"sources/downloadFile.php?name=' . urlencode($filename) . '&path=' . $path . $filename . '&type=sql&key=' . $_SESSION['key'] . '&key_tmp=' . $_SESSION['key_tmp'] . '"}]';
}
break;
###########################################################
#CASE for restoring a DB backup
###########################################################
#CASE for restoring a DB backup
case "admin_action_db_restore":
require_once 'main.functions.php';
