} else { if (0 == strcasecmp($attr, 'userPassword') && $config->GetValue('appearance', 'obfuscate_password_display')) { echo preg_replace('/./', '*', $vals) . "<br />"; } else { echo $vals . "<br />"; } } echo "</td>"; continue; } /* * Is this a userPassword attribute? */ if (!strcasecmp($attr, 'userpassword')) { $user_password = $vals[0]; $enc_type = get_enc_type($user_password); // Set the default hashing type if the password is blank (must be newly created) if ($user_password == '') { $enc_type = get_default_hash($server_id); } if ($side == 'dst') { ?> <input type="hidden" name="old_values[userpassword]" value="<?php echo htmlspecialchars($user_password); ?> " /> <!-- Special case of enc_type to detect changes when user changes enc_type but not the password value --> <input size="38" type="hidden" name="old_enc_type" value="<?php echo $enc_type == '' ? 'clear' : $enc_type;
protected function drawFormReadWriteValuePasswordAttribute($attribute, $i) { if (DEBUGTMP) { printf('<font size=-2>%s</font><br />', __METHOD__); } $server = $this->getServer(); $val = $attribute->getValue($i); $enc_type = get_enc_type($val); # Set the default hashing type if the password is blank (must be newly created) if (trim($val)) { $enc_type = get_enc_type($val); } else { $enc_type = $server->getValue('appearance', 'pla_password_hash'); } echo '<table cellspacing="0" cellpadding="0"><tr><td valign="top">'; $obfuscate_password = obfuscate_password_display($enc_type); $id = sprintf('new_values_%s_%s', htmlspecialchars($attribute->getName()), $i); printf('<input type="%s" class="value" name="new_values[%s][%s]" id="%s" value="%s" %s%s %s %s/>', $obfuscate_password ? 'password' : 'text', htmlspecialchars($attribute->getName()), $i, $id, htmlspecialchars($val), $attribute->needJS('focus') ? sprintf('onfocus="focus_%s(this);" ', $attribute->getName()) : '', $attribute->needJS('blur') ? sprintf('onblur="blur_%s(this);" ', $attribute->getName()) : '', $attribute->getSize() > 0 ? sprintf('size="%s"', $attribute->getSize()) : '', $attribute->getMaxLength() > 0 ? sprintf('maxlength="%s"', $attribute->getMaxLength()) : ''); echo '</td><td valign="top">'; if ($attribute->getHelper()) { $this->draw('Helper', $attribute, $i); } else { $this->draw('DefaultHelper', $attribute, $i); } echo '</td></tr><tr><td valign="top">'; if ($attribute->getVerify() && $obfuscate_password) { printf('<input type="password" class="value" name="new_values_verify[%s][%s]" id="new_values_verify_%s_%s" value="" %s %s/>', htmlspecialchars($attribute->getName()), $i, htmlspecialchars($attribute->getName()), $i, $attribute->getSize() > 0 ? sprintf('size="%s"', $attribute->getSize()) : '', $attribute->getMaxLength() > 0 ? sprintf('maxlength="%s"', $attribute->getMaxLength()) : ''); echo '</td><td valign="top">'; printf('(%s)', _('confirm')); echo '</td></tr><tr><td valign="top">'; } $this->draw('CheckLink', $attribute, $id); echo '</td></tr></table>'; }
*/ /** */ require './common.php'; $www['page'] = new page(); $request = array(); $request['componentid'] = get_request('componentid', 'REQUEST'); $request['hash'] = get_request('hash', 'REQUEST'); $request['password'] = get_request('check_password', 'REQUEST'); $request['action'] = get_request('action', 'REQUEST'); $request['attribute'] = get_request('attr', 'REQUEST'); if (get_request('base64', 'REQUEST')) { $request['hash'] = base64_decode($request['hash']); $request['password'] = base64_decode($request['password']); } $request['enc_type'] = get_enc_type($request['hash']); printf('<h3 class="subtitle">%s</h3>', _('Password Checker Tool')); echo '<form action="password_checker.php" method="post">'; echo '<input type="hidden" name="action" value="compare" />'; printf('<input type="hidden" name="attr" value="%s" />', $request['attribute']); echo '<table class="forminput" width="100%" border="0">'; echo '<tr>'; printf('<td class="heading">%s</td>', _('Compare')); printf('<td><input type="%s" name="hash" id="hash" value="%s" /></td>', obfuscate_password_display($request['enc_type']) ? 'password' : 'text', htmlspecialchars($request['hash'])); echo '</tr>'; echo '<tr>'; printf('<td class="heading">%s</td>', _('To')); printf('<td><input type="password" name="check_password" value="%s" /></td>', htmlspecialchars($request['password'])); echo '</tr>'; echo '<tr>'; echo '<td> </td>';
protected function drawDefaultHelperPasswordAttribute($attribute, $i) { $id = 'enc'; if ($val = $attribute->getValue($i)) { $default = get_enc_type($val); } else { $default = $this->getServer()->getValue('appearance', 'password_hash'); } if (!$attribute->getPostValue()) { printf('<input type="hidden" name="post_value[%s][]" value="%s" />', $attribute->getName(), $i); } printf('<select name="%s[%s][%s]" id="%s_%s_%s">', $id, htmlspecialchars($attribute->getName()), $i, $id, htmlspecialchars($attribute->getName()), $i); foreach (password_types() as $v => $display) { printf('<option value="%s" %s>%s</option>', $v, $v == $default ? 'selected="selected"' : '', $display); } echo '</select>'; }
printf('<li><a href="%s"><img src="images/save.png" />%s (%s)</a></li>', $href, _('download value'), $i); } } else { $href = sprintf('download_binary_attr.php?server_id=%s&dn=%s&attr=%s', $ldapserver->server_id, $encoded_dn, $attr); printf('<li><a href="%s"><img src="images/save.png" />%s</a></li>', $href, _('download value')); } echo '</ul>'; # <!-- Temporary warning until we find a way to add jpegPhoto values without an INAPROPRIATE_MATCHING error --> printf('<p><small>%s</small></p>', _('Note: You will get an "inappropriate matching" error if you have not setup an EQUALITY rule on your LDAP server for this attribute.')); # <!-- End of temporary warning --> } else { echo '<ul class="current_values">'; if (is_array($current_values)) { if (strcasecmp($attr, 'userPassword') == 0) { foreach ($current_values as $key => $value) { if (obfuscate_password_display(get_enc_type($value))) { echo '<li><nobr>' . preg_replace('/./', '*', $value) . '<br /></li>'; } else { echo '<li><nobr>' . htmlspecialchars($value) . '<br /></li>'; } } } else { foreach ($current_values as $val) { printf('<li><nobr>%s</nobr></li>', htmlspecialchars($val)); } } } else { printf('<li><nobr>%s</nobr></li>', htmlspecialchars($current_values)); } echo '</ul>'; }
} } elseif (is_array($old_values[$attr])) { foreach ($old_values[$attr] as $v) { echo nl2br(htmlspecialchars($v)) . '<br />'; } } else { echo nl2br(htmlspecialchars($old_values[$attr])) . '<br />'; } echo '</nobr></td>'; echo '<td><nobr>'; # Is this a multi-valued attribute? if (is_array($new_val)) { if (strcasecmp($attr, 'userPassword') == 0) { foreach ($new_values[$attr] as $key => $value) { if (isset($new_val[$key])) { if (obfuscate_password_display(get_enc_type($new_val[$key]))) { echo preg_replace('/./', '*', $new_val[$key]) . '<br />'; } else { echo htmlspecialchars($new_val[$key]) . '<br />'; } } } } else { foreach ($new_val as $i => $v) { if ($v == '') { # Remove it from the update array if it's empty unset($update_array[$attr][$i]); $update_array[$attr] = array_values($update_array[$attr]); } else { echo nl2br(htmlspecialchars($v)) . '<br />'; }
/** * @package phpLDAPadmin */ /** */ require './common.php'; include './header.php'; $hash = isset($_REQUEST['hash']) ? $_REQUEST['hash'] : null; $check_password = isset($_REQUEST['check_password']) ? $_REQUEST['check_password'] : null; //print_r( $_REQUEST ); //var_dump( $check_password ); if (isset($_REQUEST['base64'])) { $hash = base64_decode($hash); $check_password = base64_decode($check_password); } $enc_type = get_enc_type($hash); ?> <h3 class="subtitle"><?php echo _('Password Checker Tool'); ?> </h3> <form style="margin: 0" action="password_checker.php" method="post"> <input type="hidden" name="action" value="compare" /> <table style="border-spacing: 10px"> <tr> <td><?php echo _('Compare'); ?> </td>