Esempio n. 1
0
function AuthenticationBasicHTTP($realm, $users, $phpcgi = 0)
{
    if (empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['REDIRECT_REMOTE_USER']) || empty($_SERVER['PHP_AUTH_PW'])) {
        header('WWW-Authenticate: Basic realm="' . $realm . '"');
        header('HTTP/1.0 401 Unauthorized');
        die('401 Unauthorized');
    }
    $user = $_SERVER['PHP_AUTH_USER'];
    if ($phpcgi == 1) {
        $matches = explode(' ', $_SERVER['REDIRECT_REMOTE_USER']);
        list($name, $password) = explode(':', base64_decode($matches[1]));
        $_SERVER['PHP_AUTH_USER'] = $user = strip_tags($name);
        $_SERVER['PHP_AUTH_PW'] = strip_tags($password);
    }
    if (!empty($GLOBALS['webdav_authentication_method']) && file_exists(_EXT_PATH . '/include/authentication/' . $GLOBALS['webdav_authentication_method'] . '.php')) {
        require_once _EXT_PATH . '/include/authentication/' . $GLOBALS['webdav_authentication_method'] . '.php';
        $classname = 'ext_' . $GLOBALS['webdav_authentication_method'] . '_authentication';
        $auth = new $classname();
    } else {
        require_once _EXT_PATH . '/include/authentication/extplorer.php';
        $auth = new ext_extplorer_authentication();
    }
    if ($auth->onAuthenticate(array('username' => $user, 'password' => $_SERVER['PHP_AUTH_PW'])) !== false) {
        return TRUE;
    }
    header('WWW-Authenticate: Basic realm="' . $realm . '"');
    header('HTTP/1.0 401 Unauthorized');
    die('401 Unauthorized');
    return FALSE;
}
Esempio n. 2
0
function changepwd($dir)
{
    // Change Password
    if ($GLOBALS['__POST']["newpwd1"] != $GLOBALS['__POST']["newpwd2"]) {
        ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnopassmatch"]);
    }
    $data = ext_find_user($GLOBALS['__SESSION']['credentials_extplorer']['username'], null);
    // Username not existing
    if ($data === NULL) {
        ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnouserpass"]);
    }
    require_once _EXT_PATH . '/libraries/PasswordHash.php';
    $hasher = new PasswordHash(8, FALSE);
    $result = $hasher->CheckPassword($GLOBALS['__POST']["oldpwd"], $data[1]);
    if (!$result) {
        $data = ext_find_user($GLOBALS['__SESSION']['credentials_extplorer']['username'], md5(stripslashes($GLOBALS['__POST']["oldpwd"])));
        if ($data == NULL) {
            ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnouserpass"]);
        }
    }
    $data[1] = extEncodePassword(stripslashes($GLOBALS['__POST']["newpwd1"]));
    if (!ext_update_user($data[0], $data)) {
        ext_Result::sendResult('changepwd', false, $data[0] . ": " . $GLOBALS["error_msg"]["chpass"]);
    }
    require_once _EXT_PATH . '/include/authentication/extplorer.php';
    $auth = new ext_extplorer_authentication();
    $auth->onAuthenticate(array('username' => $data[0], 'password' => $data[1]));
    ext_Result::sendResult('changepwd', true, ext_Lang::msg('change_password_success'));
}
Esempio n. 3
0
function changepwd($dir)
{
    // Change Password
    $pwd = extEncodePassword(stripslashes($GLOBALS['__POST']["oldpwd"]));
    if ($GLOBALS['__POST']["newpwd1"] != $GLOBALS['__POST']["newpwd2"]) {
        ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnopassmatch"]);
    }
    $data = find_user($GLOBALS['__SESSION']['credentials_extplorer']['username'], $pwd);
    if ($data == NULL) {
        ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnouserpass"]);
    }
    $data[1] = extEncodePassword(stripslashes($GLOBALS['__POST']["newpwd1"]));
    if (!update_user($data[0], $data)) {
        ext_Result::sendResult('changepwd', false, $data[0] . ": " . $GLOBALS["error_msg"]["chpass"]);
    }
    require_once _EXT_PATH . '/include/authentication/extplorer.php';
    $auth = new ext_extplorer_authentication();
    $auth->onAuthenticate(array('username' => $data[0], 'password' => $data[1]));
    ext_Result::sendResult('changepwd', true, ext_Lang::msg('change_password_success'));
}