<?php
include_once 'includes/checklogin.php';
include_once 'tools/htpasswd.php';
include_once 'includes/head.php';
include_once 'includes/nav.php';
$htpasswd = new htpasswd($ini['secure_path'], true);
$use_metadata = $ini['use_metadata'];
?>
<div class="container box">
<div class="row">
<div class="col-xs-12">
<?php
echo "<h2>" . $ini['app_title'] . "</h2>";
if (isset($_POST['user'])) {
$username = $_POST['user'];
$passwd = $_POST['pwd'];
if ($use_metadata) {
$meta_model = new meta_model();
$meta_model->user = $username;
$meta_model->email = $_POST['email'];
$meta_model->name = $_POST['name'];
$meta_model->mailkey = random_password(8);
}
if (!check_username($username) || !check_password_quality($passwd)) {
?>
<div class="alert alert-danger">
<?php
echo "<p>User <em>" . htmlspecialchars($username) . "</em> is invalid!.</p>";
} else {
<?php
session_start();
include_once 'tools/htpasswd.php';
include_once 'includes/head.php';
include_once 'includes/nav.php';
$htpasswd = new htpasswd($ini['secure_path']);
?>
<div class="container box">
<div class="row">
<div class="col-xs-12">
<h2>Change your password here:</h2>
<?php
$equal = true;
$success = false;
if (isset($_POST['user']) && isset($_POST['oldpwd']) && isset($_POST['newpwd']) && isset($_POST['newpwd2'])) {
$username = $_POST['user'];
$old = $_POST['oldpwd'];
$new = $_POST['newpwd'];
$new2 = $_POST['newpwd2'];
if ($new == $new2 && $htpasswd->user_check($username, $old)) {
$htpasswd->user_update($username, $new);
?>
<div class="alert alert-info">Password changed successfully.</div>
<?php
} else {
?>
<div class="alert alert-danger">Could not change password.</div>
<?php
}
include_once 'includes/checklogin.php';
include_once 'includes/head.php';
include_once 'includes/nav.php';
include_once 'tools/htpasswd.php';
?>
<div class="container box">
<div class="row">
<div class="col-xs-12">
<h2>Create Admin Password Hash</h2>
<?php
if (isset($_POST['pwd'])) {
?>
<div class="alert alert-info">
<?php
echo "<p>Your new hash: <code>" . htpasswd::htcrypt($_POST['pwd']) . "</code></p>";
?>
</div>
<?php
}
?>
<p>Create a new password hash for the config file:</p>
<form class="navbar-form navbar-left" action="adminpwd.php" method="post">
<div class="form-group">
<p>
<input class="form-control" type="password" name="pwd"
placeholder="Password" />
</p>
<button type="submit" class="btn btn-default">Submit</button>
</div>
</form>
<?php
session_start();
include_once "tools/util.php";
if (!check_login()) {
echo "unauthorized";
die;
}
include_once 'tools/htpasswd.php';
$ini = read_config();
$use_metadata = $ini['use_metadata'];
$htpasswd = new htpasswd($ini['secure_path'], $use_metadata);
if (isset($_POST['user'])) {
$user = $_POST['user'];
if ($htpasswd->user_delete($user)) {
if ($use_metadata) {
$htpasswd->meta_delete($user);
}
echo "success";
} else {
echo "error";
}
} else {
echo "error";
}
<?php
ini_set('display_errors', 'On');
error_reporting(E_ALL);
require "htpasswd.class.php";
$users = new htpasswd(dirname(__FILE__) . "/downloads/.htpasswd");
if (isset($_POST['addusr'])) {
$usrname = $_POST['addusr']["usrname"];
$passwd = $_POST['addusr']["passwd"];
if (strlen($usrname) > 3 && strlen($passwd) > 3) {
if (!$users->userExists($usrname)) {
$users->addUser($usrname, $users->generatePw($passwd));
$users->save();
$echo = "User added .";
} else {
$echo = "user exists .";
}
} else {
$echo = "username / password must be at least 4 chars .";
}
}
if (isset($_POST['del'])) {
$username = $_POST['del']['username'];
$users->deleteUser($username);
$users->save();
$echo = "User deleted .";
}
if (isset($_POST['update'])) {
$username = $_POST['update']['username'];
$passwd = $_POST['update']['passwd'];
$users->updateUser($username, $users->generatePw($passwd));
<?php
include_once 'tools/util.php';
include_once 'tools/mail.php';
include_once 'tools/htpasswd.php';
include_once 'includes/head.php';
include_once 'includes/nav.php';
$htpasswd = new htpasswd($ini['secure_path'], true);
$protocol = strpos(strtolower($_SERVER['SERVER_PROTOCOL']), 'https') === FALSE ? 'http' : 'https';
$host = $_SERVER['HTTP_HOST'];
$script = $_SERVER['SCRIPT_NAME'];
$params = $_SERVER['QUERY_STRING'];
$mailUrl = $protocol . '://' . $host . $script;
$show_standardform = true;
?>
<div class="container box">
<div class="row">
<div class="col-xs-12">
<?php
if (isset($_POST['email'])) {
$email = $_POST['email'];
$user = $htpasswd->meta_find_user_for_mail($email);
if (!isset($user)) {
$alert_class = "alert-danger";
$alert_message = "Email not found: " . htmlspecialchars($email);
include_once 'includes/inline_message.php';
} else {
$meta_models = $htpasswd->get_metadata();
$meta_model = $meta_models[$user];
$link = $mailUrl . '?' . 'user='******'&' . 'key=' . urlencode($meta_model->mailkey);
send_forgotten_mail($email, $user, $link);
<?php
include_once '.htpasswd.php';
$user = $_SERVER['PHP_AUTH_USER'];
$newPass = file_get_contents('php://input');
$htpasswd = new htpasswd('[PATH TO .htpasswd]');
if ($htpasswd->user_update($user, $newPass)) {
echo json_encode("Updated password");
}
