function AuthenticationBasicHTTP($realm, $users, $phpcgi = 0) { if (empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['REDIRECT_REMOTE_USER']) || empty($_SERVER['PHP_AUTH_PW'])) { header('WWW-Authenticate: Basic realm="' . $realm . '"'); header('HTTP/1.0 401 Unauthorized'); die('401 Unauthorized'); } $user = $_SERVER['PHP_AUTH_USER']; if ($phpcgi == 1) { $matches = explode(' ', $_SERVER['REDIRECT_REMOTE_USER']); list($name, $password) = explode(':', base64_decode($matches[1])); $_SERVER['PHP_AUTH_USER'] = $user = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } if (!empty($GLOBALS['webdav_authentication_method']) && file_exists(_EXT_PATH . '/include/authentication/' . $GLOBALS['webdav_authentication_method'] . '.php')) { require_once _EXT_PATH . '/include/authentication/' . $GLOBALS['webdav_authentication_method'] . '.php'; $classname = 'ext_' . $GLOBALS['webdav_authentication_method'] . '_authentication'; $auth = new $classname(); } else { require_once _EXT_PATH . '/include/authentication/extplorer.php'; $auth = new ext_extplorer_authentication(); } if ($auth->onAuthenticate(array('username' => $user, 'password' => $_SERVER['PHP_AUTH_PW'])) !== false) { return TRUE; } header('WWW-Authenticate: Basic realm="' . $realm . '"'); header('HTTP/1.0 401 Unauthorized'); die('401 Unauthorized'); return FALSE; }
function changepwd($dir) { // Change Password if ($GLOBALS['__POST']["newpwd1"] != $GLOBALS['__POST']["newpwd2"]) { ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnopassmatch"]); } $data = ext_find_user($GLOBALS['__SESSION']['credentials_extplorer']['username'], null); // Username not existing if ($data === NULL) { ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnouserpass"]); } require_once _EXT_PATH . '/libraries/PasswordHash.php'; $hasher = new PasswordHash(8, FALSE); $result = $hasher->CheckPassword($GLOBALS['__POST']["oldpwd"], $data[1]); if (!$result) { $data = ext_find_user($GLOBALS['__SESSION']['credentials_extplorer']['username'], md5(stripslashes($GLOBALS['__POST']["oldpwd"]))); if ($data == NULL) { ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnouserpass"]); } } $data[1] = extEncodePassword(stripslashes($GLOBALS['__POST']["newpwd1"])); if (!ext_update_user($data[0], $data)) { ext_Result::sendResult('changepwd', false, $data[0] . ": " . $GLOBALS["error_msg"]["chpass"]); } require_once _EXT_PATH . '/include/authentication/extplorer.php'; $auth = new ext_extplorer_authentication(); $auth->onAuthenticate(array('username' => $data[0], 'password' => $data[1])); ext_Result::sendResult('changepwd', true, ext_Lang::msg('change_password_success')); }
function changepwd($dir) { // Change Password $pwd = extEncodePassword(stripslashes($GLOBALS['__POST']["oldpwd"])); if ($GLOBALS['__POST']["newpwd1"] != $GLOBALS['__POST']["newpwd2"]) { ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnopassmatch"]); } $data = find_user($GLOBALS['__SESSION']['credentials_extplorer']['username'], $pwd); if ($data == NULL) { ext_Result::sendResult('changepwd', false, $GLOBALS["error_msg"]["miscnouserpass"]); } $data[1] = extEncodePassword(stripslashes($GLOBALS['__POST']["newpwd1"])); if (!update_user($data[0], $data)) { ext_Result::sendResult('changepwd', false, $data[0] . ": " . $GLOBALS["error_msg"]["chpass"]); } require_once _EXT_PATH . '/include/authentication/extplorer.php'; $auth = new ext_extplorer_authentication(); $auth->onAuthenticate(array('username' => $data[0], 'password' => $data[1])); ext_Result::sendResult('changepwd', true, ext_Lang::msg('change_password_success')); }