예제 #1
0
/**
 * Updates htaccess user.
 *
 * @param int $dmn_id Domain unique identifier
 * @param int $uuser_id Htaccess user unique identifier
 * @return
 */
function client_updateHtaccessUser(&$dmn_id, &$uuser_id)
{
    if (isset($_POST['uaction']) && $_POST['uaction'] == 'modify_user') {
        // we have to add the user
        if (isset($_POST['pass']) && isset($_POST['pass_rep'])) {
            if (!checkPasswordSyntax($_POST['pass'])) {
                return;
            }
            if ($_POST['pass'] !== $_POST['pass_rep']) {
                set_page_message(tr("Passwords do not match."), 'error');
                return;
            }
            $nadmin_password = cryptPasswordWithSalt($_POST['pass'], generateRandomSalt(true));
            $change_status = 'tochange';
            $query = "\n\t\t\t\tUPDATE\n\t\t\t\t\t`htaccess_users`\n\t\t\t\tSET\n\t\t\t\t\t`upass` = ?, `status` = ?\n\t\t\t\tWHERE\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t\tAND\n\t\t\t\t\t`id` = ?\n\t\t\t";
            exec_query($query, array($nadmin_password, $change_status, $dmn_id, $uuser_id));
            send_request();
            $query = "\n\t\t\t\tSELECT\n\t\t\t\t\t`uname`\n\t\t\t\tFROM\n\t\t\t\t\t`htaccess_users`\n\t\t\t\tWHERE\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t\tAND\n\t\t\t\t\t`id` = ?\n\t\t\t";
            $rs = exec_query($query, array($dmn_id, $uuser_id));
            $uname = $rs->fields['uname'];
            $admin_login = $_SESSION['user_logged'];
            write_log("{$admin_login}: updated htaccess user ID: {$uname}", E_USER_NOTICE);
            redirectTo('protected_user_manage.php');
        }
    } else {
        return;
    }
}
예제 #2
0
function getServerSalt()
{
    $saltfile = 'data/salt.php';
    if (!is_file($saltfile)) {
        file_put_contents($saltfile, '<?php /* |' . generateRandomSalt() . '| */ ?>');
    }
    $items = explode('|', file_get_contents($saltfile));
    return $items[1];
}
예제 #3
0
/**
 * Add Htaccess user.
 *
 * @param int $domainId Domain unique identifier
 * @return
 */
function client_addHtaccessUser($domainId)
{
    if (isset($_POST['uaction']) && $_POST['uaction'] == 'add_user') {
        // we have to add the user
        if (isset($_POST['username']) && isset($_POST['pass']) && isset($_POST['pass_rep'])) {
            if (!validates_username($_POST['username'])) {
                set_page_message(tr('Wrong username.'), 'error');
                return;
            }
            if (!checkPasswordSyntax($_POST['pass'])) {
                return;
            }
            if ($_POST['pass'] !== $_POST['pass_rep']) {
                set_page_message(tr("Passwords do not match."), 'error');
                return;
            }
            $status = 'toadd';
            $uname = clean_input($_POST['username']);
            $upass = cryptPasswordWithSalt($_POST['pass'], generateRandomSalt(true));
            $query = "\n\t\t\t\tSELECT\n\t\t\t\t\t`id`\n\t\t\t\tFROM\n\t\t\t\t\t`htaccess_users`\n\t\t\t\tWHERE\n\t\t\t\t\t`uname` = ?\n\t\t\t\tAND\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t";
            $rs = exec_query($query, array($uname, $domainId));
            if ($rs->rowCount() == 0) {
                $query = "\n\t\t\t\t\tINSERT INTO `htaccess_users` (\n\t\t\t\t\t    `dmn_id`, `uname`, `upass`, `status`\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t    ?, ?, ?, ?\n\t\t\t\t\t)\n\t\t\t\t";
                exec_query($query, array($domainId, $uname, $upass, $status));
                send_request();
                set_page_message(tr('Htaccess user successfully scheduled for addition.'), 'success');
                $admin_login = $_SESSION['user_logged'];
                write_log("{$admin_login}: added new htaccess user: {$uname}", E_USER_NOTICE);
                redirectTo('protected_user_manage.php');
            } else {
                set_page_message(tr('This htaccess user already exist.'), 'error');
                return;
            }
        }
    } else {
        return;
    }
}
예제 #4
0
/**
 * Encrypts the given password with salt.
 *
 * @param string $password the password in clear text
 * @param string|null $salt OPTIONAL Salt to use
 * @return string the password encrypted with salt
 */
function cryptPasswordWithSalt($password, $salt = null)
{
    return crypt($password, !is_null($salt) ? $salt : generateRandomSalt());
}