function AuthenticationBasicHTTP($realm, $users, $phpcgi = 0)
{
if (empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['REDIRECT_REMOTE_USER']) || empty($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="' . $realm . '"');
header('HTTP/1.0 401 Unauthorized');
die('401 Unauthorized');
}
$user = $_SERVER['PHP_AUTH_USER'];
if ($phpcgi == 1) {
$matches = explode(' ', $_SERVER['REDIRECT_REMOTE_USER']);
list($name, $password) = explode(':', base64_decode($matches[1]));
$_SERVER['PHP_AUTH_USER'] = $user = strip_tags($name);
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
}
if (!empty($GLOBALS['webdav_authentication_method']) && file_exists(_EXT_PATH . '/include/authentication/' . $GLOBALS['webdav_authentication_method'] . '.php')) {
require_once _EXT_PATH . '/include/authentication/' . $GLOBALS['webdav_authentication_method'] . '.php';
$classname = 'ext_' . $GLOBALS['webdav_authentication_method'] . '_authentication';
$auth = new $classname();
} else {
require_once _EXT_PATH . '/include/authentication/extplorer.php';
$auth = new ext_extplorer_authentication();
}
if ($auth->onAuthenticate(array('username' => $user, 'password' => $_SERVER['PHP_AUTH_PW'])) !== false) {
return TRUE;
}
header('WWW-Authenticate: Basic realm="' . $realm . '"');
header('HTTP/1.0 401 Unauthorized');
die('401 Unauthorized');
return FALSE;
}
function changepwd($dir)
{
// Change Password
if ($GLOBALS['__POST']["newpwd1"] != $GLOBALS['__POST']["newpwd2"]) {
ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnopassmatch"]);
}
$data = ext_find_user($GLOBALS['__SESSION']['credentials_extplorer']['username'], null);
// Username not existing
if ($data === NULL) {
ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnouserpass"]);
}
require_once _EXT_PATH . '/libraries/PasswordHash.php';
$hasher = new PasswordHash(8, FALSE);
$result = $hasher->CheckPassword($GLOBALS['__POST']["oldpwd"], $data[1]);
if (!$result) {
$data = ext_find_user($GLOBALS['__SESSION']['credentials_extplorer']['username'], md5(stripslashes($GLOBALS['__POST']["oldpwd"])));
if ($data == NULL) {
ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnouserpass"]);
}
}
$data[1] = extEncodePassword(stripslashes($GLOBALS['__POST']["newpwd1"]));
if (!ext_update_user($data[0], $data)) {
ext_Result::sendResult('changepwd', false, $data[0] . ": " . $GLOBALS["error_msg"]["chpass"]);
}
require_once _EXT_PATH . '/include/authentication/extplorer.php';
$auth = new ext_extplorer_authentication();
$auth->onAuthenticate(array('username' => $data[0], 'password' => $data[1]));
ext_Result::sendResult('changepwd', true, ext_Lang::msg('change_password_success'));
}
function changepwd($dir)
{
// Change Password
$pwd = extEncodePassword(stripslashes($GLOBALS['__POST']["oldpwd"]));
if ($GLOBALS['__POST']["newpwd1"] != $GLOBALS['__POST']["newpwd2"]) {
ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnopassmatch"]);
}
$data = find_user($GLOBALS['__SESSION']['credentials_extplorer']['username'], $pwd);
if ($data == NULL) {
ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnouserpass"]);
}
$data[1] = extEncodePassword(stripslashes($GLOBALS['__POST']["newpwd1"]));
if (!update_user($data[0], $data)) {
ext_Result::sendResult('changepwd', false, $data[0] . ": " . $GLOBALS["error_msg"]["chpass"]);
}
require_once _EXT_PATH . '/include/authentication/extplorer.php';
$auth = new ext_extplorer_authentication();
$auth->onAuthenticate(array('username' => $data[0], 'password' => $data[1]));
ext_Result::sendResult('changepwd', true, ext_Lang::msg('change_password_success'));
}