/** * コンストラクタ */ public function __construct() { global $adminpass, $vars; // if (!isset($this->auth_name)) throw new Exception('$this->auth_name has not set.'); // コールバック先のページ $page = isset($vars['page']) ? $vars['page'] : null; // 管理人のパスワードのハッシュを暗号/復号のキーとする list(, $salt) = Auth::passwd_parse($adminpass); // 暗号化/復号化用 $this->bc = BlockCipher::factory('mcrypt', array('algo' => 'des', 'mode' => 'cfb', 'hash' => 'sha512', 'salt' => $salt)); // コールバック先のURL。通常プラグインのコールバックアドレスが返される $this->callbackUrl = isset($this->auth_name) ? Router::get_resolve_uri($this->auth_name, $vars['page'], 'full') : null; // セッション名 $this->session_name = self::SESSION_PREFIX . md5(Router::get_script_absuri() . session_id()); }
function htdigest_save($username, $p_realm, $hash, $role) { global $realm, $_htdigest_msg; if ($realm != $p_realm) { return $_htdigest_msg['msg_realm']; } // DES if ($role > 2) { $key = htdigest_get_hash($username, $p_realm); } else { // adminpass global $adminpass; list($scheme, $key) = Auth::passwd_parse($adminpass); // FIXME: MD5 ONLY if ($scheme != '{x-php-md5}') { return $_htdigest_msg['err_md5']; } } $blockCipher = BlockCipher::factory('mcrypt', array('algo' => 'des', 'mode' => 'cfb', 'hash' => 'sha512', 'salt' => $key, 'padding' => 2)); $decrypted_hash = $blockCipher->decrypt($hash); // $hash = des($key, base64_decode($hash), 0, 0, null); if (!preg_match('/^[a-z0-9]+$/iD', $decrypted_hash)) { return $_htdigest_msg['err_key']; } // SAVE if (file_exists(HTDIGEST_FILE)) { $lines = file(HTDIGEST_FILE); } else { $fp = fopen(HTDIGEST_FILE, 'w'); @flock($fp, LOCK_EX); fputs($fp, $username . ':' . $realm . ':' . $decrypted_hash . "\n"); @flock($fp, LOCK_UN); @fclose($fp); return $_htdigest_msg['msg_1st']; } $sw = FALSE; foreach ($lines as &$line) { $field = explode(':', trim($line)); if ($field[0] == $username && $field[1] == $p_realm) { if ($field[2] == $decrypted_hash) { return $_htdigest_msg['msg_not_update']; } $sw = TRUE; $line = $field[0] . ':' . $field[1] . ':' . $decrypted_hash . "\n"; break; } } if (!$sw) { $fp = fopen(HTDIGEST_FILE, 'a'); @flock($fp, LOCK_EX); fputs($fp, $username . ':' . $p_realm . ':' . $decrypted_hash . "\n"); @flock($fp, LOCK_UN); @fclose($fp); return $_htdigest_msg['msg_add']; } $fp = fopen(HTDIGEST_FILE, 'w'); @flock($fp, LOCK_EX); foreach ($lines as $line) { fwrite($fp, $line); } @flock($fp, LOCK_UN); @fclose($fp); return $_htdigest_msg['msg_update']; }
/** * ユーザのパスワードを取得 * @param string $user ユーザ名 * @return array */ function getPassword($user) { if (empty($this->auth_users[$user])) { // scheme, salt, role return array(null, null, null); } $role = empty($this->auth_users[$user][self::USER_ADD]) ? null : $this->auth_users[$user][self::USER_ADD]; list($scheme, $salt) = Auth::passwd_parse($this->auth_users[$user][self::USER_NOTCHANGED]); return array($scheme, $salt, $role); }