Exemplo n.º 1
 /**
  * Hash a password with the scheme selected by the 'encrypt' config item.
  *
  * Handled values: 'md5crypt', 'md5', 'system', 'cleartext' and 'mysql_encrypt'.
  * Any other value is reported through show_error().
  *
  * NOTE(review): 'cleartext' returns the password unhashed and 'md5' is a single
  * unsalted digest; neither resists offline guessing if the stored values leak.
  *
  * @param string $pw    Plain-text password; stripslashes() is applied before hashing.
  * @param string $pw_db Existing hash whose salt is reused for comparison; "" for a new hash.
  * @return string The hashed password ("" if the scheme is unknown and show_error() returns).
  */
 function pacrypt($pw, $pw_db = "")
 {
     $ci =& get_instance();
     $plain = stripslashes($pw);
     $scheme = $ci->config->item('encrypt');
     $hashed = "";

     switch ($scheme) {
         case 'md5crypt':
             // A stored hash is split on '$'; element 2 is used as the salt when present.
             $parts = preg_split('/\\$/', $pw_db);
             $hashed = md5crypt($plain, isset($parts[2]) ? $parts[2] : "");
             break;

         case 'md5':
             $hashed = md5($plain);
             break;

         case 'system':
             // With a stored hash, crypt() takes its salt (and algorithm) from that hash.
             $hashed = $pw_db ? crypt($plain, $pw_db) : crypt($plain);
             break;

         case 'cleartext':
             $hashed = $plain;
             break;

         case 'mysql_encrypt':
             // Both values are escaped because they are placed inside quoted SQL literals.
             $quotedPw = escape_string($plain);
             if ($pw_db != "") {
                 $quotedSalt = escape_string(substr($pw_db, 0, 2));
                 $sql = "SELECT ENCRYPT('" . $quotedPw . "','" . $quotedSalt . "');";
             } else {
                 $sql = "SELECT ENCRYPT('" . $quotedPw . "');";
             }
             $res = db_query($sql);
             $row = db_row($res["result"]);
             $hashed = $row[0];
             break;

         default:
             show_error('unknown/invalid encrypt settings for pacrypt setting: ' . $scheme);
     }

     return $hashed;
 }
Exemplo n.º 2
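    // Look up the account that owns the mail domain.
    // NOTE(review): $v_domain, $v_account and $new are concatenated into shell commands
    // unquoted; that is only safe if each was passed through escapeshellarg() before this
    // point, which is not visible in this excerpt. Confirm against the code above.
    exec(VESTA_CMD . "v-search-domain-owner " . $v_domain . " 'mail'", $output, $return_var);
    if ($return_var == 0 && isset($output[0])) {
        $v_user = $output[0];
    }
    unset($output);

    // Fetch the hash currently stored for the mailbox.
    if (!empty($v_user)) {
        // The owner name comes from command output, so quote it with escapeshellarg()
        // instead of wrapping it in literal single quotes.
        exec(VESTA_CMD . "v-get-mail-account-value " . escapeshellarg($v_user) . " " . $v_domain . " " . $v_account . " 'md5'", $output, $return_var);
        if ($return_var == 0 && isset($output[0])) {
            $v_hash = $output[0];
        }
    }
    unset($output);

    // Re-hash the supplied current password with the stored salt and compare.
    if (!empty($v_hash)) {
        $salt = explode('$', $v_hash);
        // A stored value without a third '$'-separated field carries no usable salt;
        // treat it as a mismatch rather than hashing with an undefined salt.
        if (isset($salt[2])) {
            $n_hash = '{MD5}' . md5crypt($password, $salt[2]);
            // hash_equals() compares in constant time and never applies type juggling.
            if (hash_equals((string) $v_hash, $n_hash)) {
                // Current password verified: set the new one.
                exec(VESTA_CMD . "v-change-mail-account-password " . escapeshellarg($v_user) . " " . $v_domain . " " . $v_account . " " . $new, $output, $return_var);
                if ($return_var == 0) {
                    echo "ok";
                    exit;
                }
            }
        }
    }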
}
// Reached whenever the success branch above did not print "ok" and exit: the same
// generic 'error' is returned for every failure, so the response does not reveal
// which step (owner lookup, hash lookup, comparison or password change) failed.
echo 'error';
exit;
Exemplo n.º 3
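/**
 * Handle the mailbox password-change form and redirect back to the account list.
 *
 * Reads $_POST['pwd'] (keys 'account', 'password1', 'password2'). The password is
 * updated only when both password fields are non-empty, identical strings, and only
 * for a mailbox row whose customerid equals the current session's id.
 *
 * Fixes over the previous version:
 *  - the equality check used $password1/$password2, which were never assigned, so a
 *    mismatching confirmation was not rejected;
 *  - request values were concatenated straight into the UPDATE statement.
 *
 * NOTE(review): md5crypt() is defined elsewhere; MD5-crypt is a legacy scheme, so
 * consider migrating stored hashes if the mail stack supports something stronger.
 *
 * @return void
 */
function module_mailhpasswdsave()
{
    // $_POST is a superglobal and does not need a global declaration.
    global $SESSION, $DB_MAIL;

    $form = (isset($_POST['pwd']) && is_array($_POST['pwd'])) ? $_POST['pwd'] : array();
    $mail = isset($form['account']) ? $form['account'] : null;
    $pw1 = isset($form['password1']) ? $form['password1'] : null;
    $pw2 = isset($form['password2']) ? $form['password2'] : null;

    // Reject arrays and other non-string input before hashing or querying.
    $valid = is_string($mail) && is_string($pw1) && is_string($pw2)
        && $pw1 !== '' && $pw1 === $pw2;

    if ($valid) {
        $pw_crypted = md5crypt($pw1);
        // NOTE(review): assumes $DB_MAIL->Execute() accepts an array of values bound to
        // '?' placeholders (ADOdb-style); confirm against the DB wrapper in use.
        $DB_MAIL->Execute(
            'update mailbox set password = ? where username = ? and customerid = ?',
            array($pw_crypted, $mail, $SESSION->id)
        );
    }

    header('Location: ?m=accounts');
}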
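/**
 * Hash a password with the mechanism selected in config.inc.php ($CONF['encrypt']).
 *
 * To compare a candidate password with a stored one, the salt of the stored hash is
 * needed, hence the second parameter ($pw_db): the existing hash from the DB.
 *
 * Handled settings: 'md5crypt', 'md5', 'system', 'cleartext', 'mysql_encrypt',
 * 'authlib' and 'dovecot:<METHOD>'. Any other setting ends the script through die().
 *
 * NOTE(review): 'cleartext' returns the password unhashed, and 'md5' as well as the
 * authlib md5/SHA flavors are single unsalted digests; prefer a salted scheme.
 *
 * @param string $pw    Plain-text password; stripslashes() is applied before hashing.
 * @param string $pw_db Existing hash from the DB (source of salt/flavor); "" for a new password.
 * @return string Hashed password, passed through escape_string() before it is returned.
 */
function pacrypt($pw, $pw_db = "")
{
    global $CONF;
    $pw = stripslashes($pw);
    $password = "";
    $salt = "";
    if ($CONF['encrypt'] == 'md5crypt') {
        // Stored hash is split on '$'; element 2 is reused as the salt when present.
        $split_salt = preg_split('/\\$/', $pw_db);
        if (isset($split_salt[2])) {
            $salt = $split_salt[2];
        }
        $password = md5crypt($pw, $salt);
    } elseif ($CONF['encrypt'] == 'md5') {
        $password = md5($pw);
    } elseif ($CONF['encrypt'] == 'system') {
        if (preg_match("/\\\$1\\\$/", $pw_db)) {
            // Stored hash carries the $1$ marker: rebuild "$1$<salt>$" for crypt().
            $split_salt = preg_split('/\\$/', $pw_db);
            $salt = "\$1\${$split_salt[2]}\$";
        } else {
            if (strlen($pw_db) == 0) {
                // New password: two-character salt.
                // NOTE(review): mt_rand() is not a cryptographically secure generator.
                $salt = substr(md5(mt_rand()), 0, 2);
            } else {
                $salt = substr($pw_db, 0, 2);
            }
        }
        $password = crypt($pw, $salt);
    } elseif ($CONF['encrypt'] == 'cleartext') {
        $password = $pw;
    } elseif ($CONF['encrypt'] == 'mysql_encrypt') {
        // stripslashes() above removed any escaping from $pw, so both values must be
        // escaped again before they are placed inside quoted SQL literals.
        $pw = escape_string($pw);
        if ($pw_db != "") {
            $salt = escape_string(substr($pw_db, 0, 2));
            $res = db_query("SELECT ENCRYPT('" . $pw . "','" . $salt . "');");
        } else {
            $res = db_query("SELECT ENCRYPT('" . $pw . "');");
        }
        $l = db_row($res["result"]);
        $password = $l[0];
    } elseif ($CONF['encrypt'] == 'authlib') {
        $flavor = $CONF['authlib_default_flavor'];
        # courier-authlib supports only two-character salts
        $salt = substr(create_salt(), 0, 2);
        if (preg_match('/^{.*}/', $pw_db)) {
            // we have a flavor in the db -> use it instead of default flavor
            # split at { and/or }
            $result = preg_split('/[{}]/', $pw_db, 3);
            $flavor = $result[1];
            $salt = substr($result[2], 0, 2);
        }
        // NOTE(review): the '******' literal below does not match the "{flavor}" prefix
        // that the parser above expects in $pw_db; it looks like a masked '{'. Confirm
        // against the upstream source before relying on these branches.
        if (stripos($flavor, 'md5raw') === 0) {
            $password = '******' . $flavor . '}' . md5($pw);
        } elseif (stripos($flavor, 'md5') === 0) {
            $password = '******' . $flavor . '}' . base64_encode(md5($pw, TRUE));
        } elseif (stripos($flavor, 'crypt') === 0) {
            $password = '******' . $flavor . '}' . crypt($pw, $salt);
        } elseif (stripos($flavor, 'SHA') === 0) {
            $password = '******' . $flavor . '}' . base64_encode(sha1($pw, TRUE));
        } else {
            die("authlib_default_flavor '" . $flavor . "' unknown. Valid flavors are 'md5raw', 'md5', 'SHA' and 'crypt'");
        }
    } elseif (preg_match("/^dovecot:/", $CONF['encrypt'])) {
        $split_method = preg_split('/:/', $CONF['encrypt']);
        $method = strtoupper($split_method[1]);
        // $method ends up on a command line, so it is restricted to [A-Z0-9-].
        if (!preg_match("/^[A-Z0-9-]+\$/", $method)) {
            die("invalid dovecot encryption method");
        }
        # TODO: check against a fixed list?
        if (strtolower($method) == 'md5-crypt') {
            die("\$CONF['encrypt'] = 'dovecot:md5-crypt' will not work because dovecotpw generates a random salt each time. Please use \$CONF['encrypt'] = 'md5crypt' instead.");
        }
        // NOTE(review): $CONF['dovecotpw'] is placed on the command line unquoted; it is
        // configuration, not request data, but it must stay under the administrator's control.
        $dovecotpw = "dovecotpw";
        if (!empty($CONF['dovecotpw'])) {
            $dovecotpw = $CONF['dovecotpw'];
        }
        # Use proc_open call to avoid safe_mode problems and to prevent showing plain password in process table
        $spec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
        $pipe = proc_open("{$dovecotpw} '-s' {$method}", $spec, $pipes);
        if (!$pipe) {
            die("can't proc_open {$dovecotpw}");
        } else {
            // use dovecot's stdin, it uses getpass() twice
            // Write pass in pipe stdin
            fwrite($pipes[0], $pw . "\n", 1 + strlen($pw));
            usleep(1000);
            fwrite($pipes[0], $pw . "\n", 1 + strlen($pw));
            fclose($pipes[0]);
            // Read hash from pipe stdout
            $password = fread($pipes[1], "200");
            if (!preg_match('/^\\{' . $method . '\\}/', $password)) {
                // Output without the expected {METHOD} prefix: log stderr and stop.
                $stderr_output = stream_get_contents($pipes[2]);
                error_log('dovecotpw password encryption failed.');
                error_log('STDERR output: ' . $stderr_output);
                die("can't encrypt password with dovecotpw, see error log for details");
            }
            fclose($pipes[1]);
            fclose($pipes[2]);
            proc_close($pipe);
            // Strip the {METHOD} prefix and surrounding whitespace from the tool's output.
            $password = trim(str_replace('{' . $method . '}', '', $password));
        }
    } else {
        die('unknown/invalid $CONF["encrypt"] setting: ' . $CONF['encrypt']);
    }
    // The result is returned already escaped for use in an SQL string literal.
    $password = escape_string($password);
    return $password;
}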
 /**
  * @param string $sPassword
  * @param \PDO $oPdo
  *
  * @return string
  */
 private function cryptPassword($sPassword, $oPdo)
 {
     // Salt for the SHA-crypt schemes: 16 characters from a shuffled crypt alphabet.
     // NOTE(review): str_shuffle() is not a cryptographically secure source, and a
     // shuffle never repeats a character, which narrows the salt space.
     $sAlphabet = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
     $sSalt = substr(str_shuffle($sAlphabet), 0, 16);
     $sScheme = $this->sEncrypt;

     if ('plain' == $sScheme || 'cleartext' == $sScheme) {
         return $sPassword;
     }

     if ('md5crypt' == $sScheme) {
         include_once __DIR__ . '/md5crypt.php';
         return md5crypt($sPassword);
     }

     if ('md5' == $sScheme) {
         return md5($sPassword);
     }

     if ('system' == $sScheme) {
         // NOTE(review): crypt() is called without a salt here.
         return crypt($sPassword);
     }

     if ('SHA256-CRYPT' == $sScheme) {
         return '{SHA256-CRYPT}' . crypt($sPassword, '$5$' . $sSalt);
     }

     if ('SHA512-CRYPT' == $sScheme) {
         return '{SHA512-CRYPT}' . crypt($sPassword, '$6$' . $sSalt);
     }

     if ('mysql_encrypt' == $sScheme) {
         // The password is bound as a statement parameter; '' is returned if the
         // query fails or yields no 'encpass' column.
         $sHash = '';
         $oStmt = $oPdo->prepare('SELECT ENCRYPT(?) AS encpass');
         if ($oStmt->execute(array($sPassword))) {
             $aRows = $oStmt->fetchAll(\PDO::FETCH_ASSOC);
             if (\is_array($aRows) && isset($aRows[0]['encpass'])) {
                 $sHash = $aRows[0]['encpass'];
             }
         }
         return $sHash;
     }

     // NOTE(review): any unrecognised scheme (e.g. a misspelt setting) falls back to
     // returning the password unhashed, exactly like 'plain'/'cleartext'.
     return $sPassword;
 }
 /**
  * @param string $sPassword
  * @param \PDO $oPdo
  *
  * @return string
  */
 private function cryptPassword($sPassword, $oPdo)
 {
     $sScheme = $this->sEncrypt;

     if ('plain' == $sScheme || 'cleartext' == $sScheme) {
         return $sPassword;
     }

     if ('md5crypt' == $sScheme) {
         include_once __DIR__ . '/md5crypt.php';
         return md5crypt($sPassword);
     }

     if ('md5' == $sScheme) {
         // NOTE(review): single unsalted MD5 digest.
         return md5($sPassword);
     }

     if ('system' == $sScheme) {
         // NOTE(review): crypt() is called without a salt here.
         return crypt($sPassword);
     }

     if ('mysql_encrypt' == $sScheme) {
         // The password is bound as a statement parameter; '' is returned if the
         // query fails or yields no 'encpass' column.
         $sHash = '';
         $oStmt = $oPdo->prepare('SELECT ENCRYPT(?) AS encpass');
         if ($oStmt->execute(array($sPassword))) {
             $aRows = $oStmt->fetchAll(\PDO::FETCH_ASSOC);
             if (\is_array($aRows) && isset($aRows[0]['encpass'])) {
                 $sHash = $aRows[0]['encpass'];
             }
         }
         return $sHash;
     }

     // NOTE(review): any unrecognised scheme (e.g. a misspelt setting) falls back to
     // returning the password unhashed, exactly like 'plain'/'cleartext'.
     return $sPassword;
 }
Exemplo n.º 7
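/**
 * Hash a password with the mechanism selected in $CONF['encrypt'].
 *
 * Handled settings: 'md5crypt', 'md5', 'system' and 'cleartext'. Any other setting
 * leaves the result empty.
 *
 * Fix over the previous version: the 'system' branch detected MD5-crypt hashes with
 * ereg("\$1\$", ...). ereg() was removed in PHP 7, and as a regular expression "$1$"
 * is two end-of-string anchors around a '1', so it never matched a "$1$..." hash. The
 * prefix is now tested literally and the salt is rebuilt as "$1$<salt>$" for crypt().
 *
 * NOTE(review): 'cleartext' returns the password unhashed and 'md5' is a single
 * unsalted digest; prefer a salted scheme.
 *
 * @param string $pw    Plain-text password; stripslashes() is applied before hashing.
 * @param string $pw_db Existing hash from the DB (source of the salt); "" for a new password.
 * @return string Hashed password, passed through escape_string() before it is returned.
 */
function pacrypt($pw, $pw_db = "")
{
    global $CONF;
    $pw = stripslashes($pw);
    $password = "";
    $salt = "";
    if ($CONF['encrypt'] == 'md5crypt') {
        // Stored hash is split on '$'; element 2 is reused as the salt when present.
        $split_salt = preg_split('/\\$/', $pw_db);
        if (isset($split_salt[2])) {
            $salt = $split_salt[2];
        }
        $password = md5crypt($pw, $salt);
    }
    if ($CONF['encrypt'] == 'md5') {
        $password = md5($pw);
    }
    if ($CONF['encrypt'] == 'system') {
        $split_salt = preg_split('/\\$/', $pw_db);
        if (strpos($pw_db, '$1$') === 0 && isset($split_salt[2])) {
            // MD5-crypt hash in the DB: keep the "$1$" marker so crypt() selects MD5.
            $salt = '$1$' . $split_salt[2] . '$';
        } elseif (strlen($pw_db) == 0) {
            // New password: two-character salt.
            // NOTE(review): mt_rand() is not a cryptographically secure generator.
            $salt = substr(md5(mt_rand()), 0, 2);
        } else {
            $salt = substr($pw_db, 0, 2);
        }
        $password = crypt($pw, $salt);
    }
    if ($CONF['encrypt'] == 'cleartext') {
        $password = $pw;
    }
    // The result is returned already escaped for use in an SQL string literal.
    $password = escape_string($password);
    return $password;
}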
Exemplo n.º 8
/**
 * Hash a password with the mechanism selected in config.inc.php ($CONF['encrypt']).
 *
 * To compare a candidate password with a stored one, the salt of the stored hash is
 * needed, hence the second parameter ($pw_db): the existing hash from the DB.
 *
 * Handled settings: 'md5crypt', 'md5', 'system', 'cleartext', 'mysql_encrypt',
 * 'authlib' and 'dovecot:<METHOD>'. Any other setting ends the script through die().
 *
 * NOTE(review): 'cleartext' returns the password unhashed, and 'md5' as well as the
 * authlib md5/SHA flavors are single unsalted digests; prefer a salted scheme.
 *
 * @param string $pw    Plain-text password; stripslashes() is applied before hashing.
 * @param string $pw_db Existing hash from the DB (source of salt/flavor); "" for a new password.
 * @return string Hashed password. Unlike the SQL-escaped inputs of the mysql_encrypt
 *                branch, the return value itself is not escaped here.
 */
function pacrypt($pw, $pw_db = "")
{
    global $CONF;
    $pw = stripslashes($pw);
    $password = "";
    $salt = "";
    if ($CONF['encrypt'] == 'md5crypt') {
        // Stored hash is split on '$'; element 2 is reused as the salt when present.
        $split_salt = preg_split('/\\$/', $pw_db);
        if (isset($split_salt[2])) {
            $salt = $split_salt[2];
        }
        $password = md5crypt($pw, $salt);
    } elseif ($CONF['encrypt'] == 'md5') {
        $password = md5($pw);
    } elseif ($CONF['encrypt'] == 'system') {
        // With a stored hash, crypt() takes its salt (and algorithm) from that hash.
        if ($pw_db) {
            $password = crypt($pw, $pw_db);
        } else {
            $password = crypt($pw);
        }
    } elseif ($CONF['encrypt'] == 'cleartext') {
        $password = $pw;
    } elseif ($CONF['encrypt'] == 'mysql_encrypt') {
        // Both values are escaped because they are placed inside quoted SQL literals.
        $pw = escape_string($pw);
        if ($pw_db != "") {
            $salt = escape_string(substr($pw_db, 0, 2));
            $res = db_query("SELECT ENCRYPT('" . $pw . "','" . $salt . "');");
        } else {
            $res = db_query("SELECT ENCRYPT('" . $pw . "');");
        }
        $l = db_row($res["result"]);
        $password = $l[0];
    } elseif ($CONF['encrypt'] == 'authlib') {
        $flavor = $CONF['authlib_default_flavor'];
        $salt = substr(create_salt(), 0, 2);
        # courier-authlib supports only two-character salts
        if (preg_match('/^{.*}/', $pw_db)) {
            // we have a flavor in the db -> use it instead of default flavor
            $result = preg_split('/[{}]/', $pw_db, 3);
            # split at { and/or }
            $flavor = $result[1];
            $salt = substr($result[2], 0, 2);
        }
        // NOTE(review): the '******' literal below does not match the "{flavor}" prefix
        // that the parser above expects in $pw_db; it looks like a masked '{'. Confirm
        // against the upstream source before relying on these branches.
        if (stripos($flavor, 'md5raw') === 0) {
            $password = '******' . $flavor . '}' . md5($pw);
        } elseif (stripos($flavor, 'md5') === 0) {
            $password = '******' . $flavor . '}' . base64_encode(md5($pw, TRUE));
        } elseif (stripos($flavor, 'crypt') === 0) {
            $password = '******' . $flavor . '}' . crypt($pw, $salt);
        } elseif (stripos($flavor, 'SHA') === 0) {
            $password = '******' . $flavor . '}' . base64_encode(sha1($pw, TRUE));
        } else {
            die("authlib_default_flavor '" . $flavor . "' unknown. Valid flavors are 'md5raw', 'md5', 'SHA' and 'crypt'");
        }
    } elseif (preg_match("/^dovecot:/", $CONF['encrypt'])) {
        $split_method = preg_split('/:/', $CONF['encrypt']);
        $method = strtoupper($split_method[1]);
        # TODO: if $pw_db starts with {method}, change $method accordingly
        // $method ends up on a command line, so it is restricted to [A-Z0-9.-].
        if (!preg_match("/^[A-Z0-9.-]+\$/", $method)) {
            die("invalid dovecot encryption method");
        }
        # TODO: check against a fixed list?
        # if (strtolower($method) == 'md5-crypt') die("\$CONF['encrypt'] = 'dovecot:md5-crypt' will not work because dovecotpw generates a random salt each time. Please use \$CONF['encrypt'] = 'md5crypt' instead.");
        # $crypt_method = preg_match ("/.*-CRYPT$/", $method);
        # digest-md5 and SCRAM-SHA-1 hashes include the username - until someone implements it, let's declare it as unsupported
        if (strtolower($method) == 'digest-md5') {
            die("Sorry, \$CONF['encrypt'] = 'dovecot:digest-md5' is not supported by PostfixAdmin.");
        }
        if (strtoupper($method) == 'SCRAM-SHA-1') {
            die("Sorry, \$CONF['encrypt'] = 'dovecot:scram-sha-1' is not supported by PostfixAdmin.");
        }
        # TODO: add -u option for those hashes, or for everything that is salted (-u was available before dovecot 2.1 -> no problem with backward compability)
        // NOTE(review): $CONF['dovecotpw'] is placed on the command line unquoted; it is
        // configuration, not request data, but it must stay under the administrator's control.
        $dovecotpw = "doveadm pw";
        if (!empty($CONF['dovecotpw'])) {
            $dovecotpw = $CONF['dovecotpw'];
        }
        # Use proc_open call to avoid safe_mode problems and to prevent showing plain password in process table
        $spec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
        // Methods listed here are treated as unsalted; an optional encoding suffix
        // (.B64, .BASE64, .HEX) is accepted by the pattern below.
        $nonsaltedtypes = "SHA|SHA1|SHA256|SHA512|CLEAR|CLEARTEXT|PLAIN|PLAIN-TRUNC|CRAM-MD5|HMAC-MD5|PLAIN-MD4|PLAIN-MD5|LDAP-MD5|LANMAN|NTLM|RPA";
        $salted = !preg_match("/^({$nonsaltedtypes})(\\.B64|\\.BASE64|\\.HEX)?\$/", strtoupper($method));
        $dovepasstest = '';
        if ($salted && !empty($pw_db)) {
            # only use -t for salted passwords to be backward compatible with dovecot < 2.1
            // The stored hash is passed as a shell argument, hence escapeshellarg().
            $dovepasstest = " -t " . escapeshellarg($pw_db);
        }
        $pipe = proc_open("{$dovecotpw} '-s' {$method}{$dovepasstest}", $spec, $pipes);
        if (!$pipe) {
            die("can't proc_open {$dovecotpw}");
        } else {
            // use dovecot's stdin, it uses getpass() twice (except when using -t)
            // Write pass in pipe stdin
            if (empty($dovepasstest)) {
                fwrite($pipes[0], $pw . "\n", 1 + strlen($pw));
                usleep(1000);
            }
            fwrite($pipes[0], $pw . "\n", 1 + strlen($pw));
            fclose($pipes[0]);
            // Read hash from pipe stdout
            $password = fread($pipes[1], "200");
            if (empty($dovepasstest)) {
                // Hash generation: the output must start with the {METHOD} prefix.
                if (!preg_match('/^\\{' . $method . '\\}/', $password)) {
                    $stderr_output = stream_get_contents($pipes[2]);
                    error_log('dovecotpw password encryption failed.');
                    error_log('STDERR output: ' . $stderr_output);
                    die("can't encrypt password with dovecotpw, see error log for details");
                }
            } else {
                // Verification with -t: the output is only used when it contains "verified".
                if (!preg_match('(verified)', $password)) {
                    // NOTE(review): this literal appears masked on the page; whatever the
                    // real value is, it must never be able to equal a stored hash.
                    $password = "******";
                } else {
                    $password = rtrim(str_replace('(verified)', '', $password));
                }
            }
            fclose($pipes[1]);
            fclose($pipes[2]);
            proc_close($pipe);
            if (!empty($pw_db) && substr($pw_db, 0, 1) != '{') {
                # for backward compability with "old" dovecot passwords that don't have the {method} prefix
                $password = str_replace('{' . $method . '}', '', $password);
            }
            $password = rtrim($password);
        }
    } else {
        die('unknown/invalid $CONF["encrypt"] setting: ' . $CONF['encrypt']);
    }
    return $password;
}