PageRenderTime 51ms CodeModel.GetById 24ms RepoModel.GetById 0ms app.codeStats 0ms

/php-pear-File-Passwd-1.1.7/File_Passwd-1.1.7/Passwd/Custom.php

#
PHP | 593 lines | 251 code | 42 blank | 300 comment | 40 complexity | 169b7d425f307bbae469fa1439b50e64 MD5 | raw file
  1. <?php
  2. /* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
  3. /**
  4. * File::Passwd::Custom
  5. *
  6. * PHP versions 4 and 5
  7. *
  8. * LICENSE: This source file is subject to version 3.0 of the PHP license
  9. * that is available through the world-wide-web at the following URI:
  10. * http://www.php.net/license/3_0.txt. If you did not receive a copy of
  11. * the PHP License and are unable to obtain it through the web, please
  12. * send a note to license@php.net so we can mail you a copy immediately.
  13. *
  14. * @category FileFormats
  15. * @package File_Passwd
  16. * @author Michael Wallner <mike@php.net>
  17. * @copyright 2003-2005 Michael Wallner
  18. * @license http://www.php.net/license/3_0.txt PHP License 3.0
  19. * @version CVS: $Id: Custom.php,v 1.10 2005/03/30 18:33:33 mike Exp $
  20. * @link http://pear.php.net/package/File_Passwd
  21. */
  22. /**
  23. * Requires File::Passwd::Common
  24. */
  25. require_once 'File/Passwd/Common.php';
  26. /**
  27. * Manipulate custom formatted passwd files
  28. *
  29. * Usage Example:
  30. * <code>
  31. * $cust = &File_Passwd::factory('Custom');
  32. * $cust->setDelim('|');
  33. * $cust->load();
  34. * $cust->setEncFunc(array('File_Passwd', 'crypt_apr_md5'));
  35. * $cust->addUser('mike', 'pass');
  36. * $cust->save();
  37. * </code>
  38. *
  39. * @author Michael Wallner <mike@php.net>
  40. * @version $Revision: 1.10 $
  41. * @access public
  42. */
  43. class File_Passwd_Custom extends File_Passwd_Common
  44. {
  45. /**
  46. * Delimiter
  47. *
  48. * @access private
  49. * @var string
  50. */
  51. var $_delim = ':';
  52. /**
  53. * Encryption function
  54. *
  55. * @access private
  56. * @var string
  57. */
  58. var $_enc = array('File_Passwd', 'crypt_md5');
  59. /**
  60. * 'name map'
  61. *
  62. * @access private
  63. * @var array
  64. */
  65. var $_map = array();
  66. /**
  67. * Whether to use the 'name map' or not
  68. *
  69. * @var boolean
  70. * @access private
  71. */
  72. var $_usemap = false;
  73. /**
  74. * Constructor
  75. *
  76. * @access protected
  77. * @return object
  78. */
  79. function File_Passwd_Custom($file = 'passwd')
  80. {
  81. $this->__construct($file);
  82. }
  83. /**
  84. * Fast authentication of a certain user
  85. *
  86. * Returns a PEAR_Error if:
  87. * o file doesn't exist
  88. * o file couldn't be opened in read mode
  89. * o file couldn't be locked exclusively
  90. * o file couldn't be unlocked (only if auth fails)
  91. * o file couldn't be closed (only if auth fails)
  92. * o invalid encryption function <var>$opts[0]</var>,
  93. * or no delimiter character <var>$opts[1]</var> was provided
  94. *
  95. * @throws PEAR_Error FILE_PASSWD_E_UNDEFINED |
  96. * FILE_PASSWD_E_FILE_NOT_OPENED |
  97. * FILE_PASSWD_E_FILE_NOT_LOCKED |
  98. * FILE_PASSWD_E_FILE_NOT_UNLOCKED |
  99. * FILE_PASSWD_E_FILE_NOT_CLOSED |
  100. * FILE_PASSWD_E_INVALID_ENC_MODE
  101. * @static call this method statically for a reasonable fast authentication
  102. * @access public
  103. * @return mixed Returns &true; if authenticated, &false; if not or
  104. * <classname>PEAR_Error</classname> on failure.
  105. * @param string $file path to passwd file
  106. * @param string $user user to authenticate
  107. * @param string $pass plaintext password
  108. * @param array $otps encryption function and delimiter charachter
  109. * (in this order)
  110. */
  111. function staticAuth($file, $user, $pass, $opts)
  112. {
  113. setType($opts, 'array');
  114. if (count($opts) != 2 || empty($opts[1])) {
  115. return PEAR::raiseError('Insufficient options.', 0);
  116. }
  117. $line = File_Passwd_Common::_auth($file, $user, $opts[1]);
  118. if (!$line || PEAR::isError($line)) {
  119. return $line;
  120. }
  121. list(,$real)= explode($opts[1], $line);
  122. $crypted = File_Passwd_Custom::_genPass($pass, $real, $opts[0]);
  123. if (PEAR::isError($crypted)) {
  124. return $crypted;
  125. }
  126. return ($crypted === $real);
  127. }
  128. /**
  129. * Set delimiter
  130. *
  131. * You can set a custom char to delimit the columns of a data set.
  132. * Defaults to a colon (':'). Be aware that this char mustn't be
  133. * in the values of your data sets.
  134. *
  135. * @access public
  136. * @return void
  137. * @param string $delim custom delimiting character
  138. */
  139. function setDelim($delim = ':')
  140. {
  141. @setType($delim, 'string');
  142. if (empty($delim)) {
  143. $this->_delim = ':';
  144. } else {
  145. $this->_delim = $delim{0};
  146. }
  147. }
  148. /**
  149. * Get custom delimiter
  150. *
  151. * @access public
  152. * @return string
  153. */
  154. function getDelim()
  155. {
  156. return $this->_delim;
  157. }
  158. /**
  159. * Set encryption function
  160. *
  161. * You can set a custom encryption function to use.
  162. * The supplied function will be called by php's call_user_function(),
  163. * so you can supply an array with a method of a class/object, too
  164. * (i.e. array('File_Passwd', 'crypt_apr_md5').
  165. *
  166. *
  167. * @throws PEAR_Error FILE_PASSWD_E_INVALID_ENC_MODE
  168. * @access public
  169. * @return mixed Returns &true; on success or
  170. * <classname>PEAR_Error</classname> on failure.
  171. * @param mixed $function callable encryption function
  172. */
  173. function setEncFunc($function = array('File_Passwd', 'crypt_md5'))
  174. {
  175. if (!is_callable($function)) {
  176. if (is_array($function)) {
  177. $function = implode('::', $function);
  178. }
  179. return PEAR::raiseError(
  180. sprintf(FILE_PASSWD_E_INVALID_ENC_MODE_STR, $function),
  181. FILE_PASSWD_E_INVALID_ENC_MODE
  182. );
  183. }
  184. $this->_enc = $function;
  185. return true;
  186. }
  187. /**
  188. * Get current custom encryption method
  189. *
  190. * Possible return values (examples):
  191. * o 'md5'
  192. * o 'File_Passwd::crypt_md5'
  193. *
  194. * @access public
  195. * @return string
  196. */
  197. function getEncFunc()
  198. {
  199. if (is_array($this->_enc)) {
  200. return implode('::', $this->_enc);
  201. }
  202. return $this->_enc;
  203. }
  204. /**
  205. * Whether to use the 'name map' of the extra properties or not
  206. *
  207. * @see File_Passwd_Custom::useMap()
  208. * @see setMap()
  209. * @see getMap()
  210. *
  211. * @access public
  212. * @return boolean always true if you set a value (true/false) OR
  213. * the actual value if called without param
  214. *
  215. * @param boolean $bool whether to use the 'name map' or not
  216. */
  217. function useMap($bool = null)
  218. {
  219. if (is_null($bool)) {
  220. return $this->_usemap;
  221. }
  222. $this->_usemap = (bool) $bool;
  223. return true;
  224. }
  225. /**
  226. * Set the 'name map' to use with the extra properties of the user
  227. *
  228. * This map is used for naming the associative array of the extra properties.
  229. *
  230. * Returns a PEAR_Error if <var>$map</var> was not of type array.
  231. *
  232. * @see getMap()
  233. * @see useMap()
  234. *
  235. * @throws PEAR_Error FILE_PASSWD_E_PARAM_MUST_BE_ARRAY
  236. * @access public
  237. * @return mixed true on success or PEAR_Error
  238. */
  239. function setMap($map = array())
  240. {
  241. if (!is_array($map)) {
  242. return PEAR::raiseError(
  243. sprintf(FILE_PASSWD_E_PARAM_MUST_BE_ARRAY_STR, '$map'),
  244. FILE_PASSWD_E_PARAM_MUST_BE_ARRAY
  245. );
  246. }
  247. $this->_map = $map;
  248. return true;
  249. }
  250. /**
  251. * Get the 'name map' which is used for the extra properties of the user
  252. *
  253. * @see setMap()
  254. * @see useMap()
  255. *
  256. * @access public
  257. * @return array
  258. */
  259. function getMap()
  260. {
  261. return $this->_map;
  262. }
  263. /**
  264. * Apply changes an rewrite passwd file
  265. *
  266. * Returns a PEAR_Error if:
  267. * o directory in which the file should reside couldn't be created
  268. * o file couldn't be opened in write mode
  269. * o file couldn't be locked exclusively
  270. * o file couldn't be unlocked
  271. * o file couldn't be closed
  272. *
  273. * @throws PEAR_Error FILE_PASSWD_E_FILE_NOT_OPENED |
  274. * FILE_PASSWD_E_FILE_NOT_LOCKED |
  275. * FILE_PASSWD_E_FILE_NOT_UNLOCKED |
  276. * FILE_PASSWD_E_FILE_NOT_CLOSED
  277. * @access public
  278. * @return mixed Returns &true; on success or
  279. * <classname>PEAR_Error</classname> on failure.
  280. */
  281. function save()
  282. {
  283. $content = '';
  284. foreach ($this->_users as $user => $array){
  285. $pass = array_shift($array);
  286. $extra = implode($this->_delim, $array);
  287. $content .= $user . $this->_delim . $pass;
  288. if (!empty($extra)) {
  289. $content .= $this->_delim . $extra;
  290. }
  291. $content .= "\n";
  292. }
  293. return $this->_save($content);
  294. }
  295. /**
  296. * Parse the Custom password file
  297. *
  298. * Returns a PEAR_Error if passwd file has invalid format.
  299. *
  300. * @throws PEAR_Error FILE_PASSWD_E_INVALID_FORMAT
  301. * @access public
  302. * @return mixed Returns &true; on success or
  303. * <classname>PEAR_Error</classname> on failure.
  304. */
  305. function parse()
  306. {
  307. $this->_users = array();
  308. foreach ($this->_contents as $line){
  309. $parts = explode($this->_delim, $line);
  310. if (count($parts) < 2) {
  311. return PEAR::raiseError(
  312. FILE_PASSWD_E_INVALID_FORMAT_STR,
  313. FILE_PASSWD_E_INVALID_FORMAT
  314. );
  315. }
  316. $user = array_shift($parts);
  317. $pass = array_shift($parts);
  318. $values = array();
  319. if ($this->_usemap) {
  320. $values['pass'] = $pass;
  321. foreach ($parts as $i => $value){
  322. if (isset($this->_map[$i])) {
  323. $values[$this->_map[$i]] = $value;
  324. } else {
  325. $values[$i+1] = $value;
  326. }
  327. }
  328. } else {
  329. $values = array_merge(array($pass), $parts);
  330. }
  331. $this->_users[$user] = $values;
  332. }
  333. $this->_contents = array();
  334. return true;
  335. }
  336. /**
  337. * Add an user
  338. *
  339. * The username must start with an alphabetical character and must NOT
  340. * contain any other characters than alphanumerics, the underline and dash.
  341. *
  342. * If you use the 'name map' you should also use these naming in
  343. * the supplied extra array, because your values would get mixed up
  344. * if they are in the wrong order, which is always true if you
  345. * DON'T use the 'name map'!
  346. *
  347. * So be warned and USE the 'name map'!
  348. *
  349. * Returns a PEAR_Error if:
  350. * o user already exists
  351. * o user contains illegal characters
  352. * o encryption mode is not supported
  353. * o any element of the <var>$extra</var> array contains the delimiter char
  354. *
  355. * @throws PEAR_Error FILE_PASSWD_E_EXISTS_ALREADY |
  356. * FILE_PASSWD_E_INVALID_ENC_MODE |
  357. * FILE_PASSWD_E_INVALID_CHARS
  358. * @access public
  359. * @return mixed Returns &true; on success or
  360. * <classname>PEAR_Error</classname> on failure.
  361. * @param string $user the name of the user to add
  362. * @param string $pass the password of the user to add
  363. * @param array $extra extra properties of user to add
  364. */
  365. function addUser($user, $pass, $extra = array())
  366. {
  367. if ($this->userExists($user)) {
  368. return PEAR::raiseError(
  369. sprintf(FILE_PASSWD_E_EXISTS_ALREADY_STR, 'User ', $user),
  370. FILE_PASSWD_E_EXISTS_ALREADY
  371. );
  372. }
  373. if (!preg_match($this->_pcre, $user) || strstr($user, $this->_delim)) {
  374. return PEAR::raiseError(
  375. sprintf(FILE_PASSWD_E_INVALID_CHARS_STR, 'User ', $user),
  376. FILE_PASSWD_E_INVALID_CHARS
  377. );
  378. }
  379. if (!is_array($extra)) {
  380. setType($extra, 'array');
  381. }
  382. foreach ($extra as $e){
  383. if (strstr($e, $this->_delim)) {
  384. return PEAR::raiseError(
  385. sprintf(FILE_PASSWD_E_INVALID_CHARS_STR, 'Property ', $e),
  386. FILE_PASSWD_E_INVALID_CHARS
  387. );
  388. }
  389. }
  390. $pass = $this->_genPass($pass);
  391. if (PEAR::isError($pass)) {
  392. return $pass;
  393. }
  394. /**
  395. * If you don't use the 'name map' the user array will be numeric.
  396. */
  397. if (!$this->_usemap) {
  398. array_unshift($extra, $pass);
  399. $this->_users[$user] = $extra;
  400. } else {
  401. $map = $this->_map;
  402. array_unshift($map, 'pass');
  403. $extra['pass'] = $pass;
  404. foreach ($map as $key){
  405. $this->_users[$user][$key] = @$extra[$key];
  406. }
  407. }
  408. return true;
  409. }
  410. /**
  411. * Modify properties of a certain user
  412. *
  413. * # DON'T MODIFY THE PASSWORD WITH THIS METHOD!
  414. *
  415. * You should use this method only if the 'name map' is used, too.
  416. *
  417. * Returns a PEAR_Error if:
  418. * o user doesn't exist
  419. * o any property contains the custom delimiter character
  420. *
  421. * @see changePasswd()
  422. *
  423. * @throws PEAR_Error FILE_PASSWD_E_EXISTS_NOT |
  424. * FILE_PASSWD_E_INVALID_CHARS
  425. * @access public
  426. * @return mixed true on success or PEAR_Error
  427. * @param string $user the user to modify
  428. * @param array $properties an associative array of
  429. * properties to modify
  430. */
  431. function modUser($user, $properties = array())
  432. {
  433. if (!$this->userExists($user)) {
  434. return PEAR::raiseError(
  435. sprintf(FILE_PASSWD_E_EXISTS_NOT_STR, 'User ', $user),
  436. FILE_PASSWD_E_EXISTS_NOT
  437. );
  438. }
  439. if (!is_array($properties)) {
  440. setType($properties, 'array');
  441. }
  442. foreach ($properties as $key => $value){
  443. if (strstr($value, $this->_delim)) {
  444. return PEAR::raiseError(
  445. sprintf(FILE_PASSWD_E_INVALID_CHARS_STR, 'User ', $user),
  446. FILE_PASSWD_E_INVALID_CHARS
  447. );
  448. }
  449. $this->_users[$user][$key] = $value;
  450. }
  451. return true;
  452. }
  453. /**
  454. * Change the password of a certain user
  455. *
  456. * Returns a PEAR_Error if:
  457. * o user doesn't exists
  458. * o encryption mode is not supported
  459. *
  460. * @throws PEAR_Error FILE_PASSWD_E_EXISTS_NOT |
  461. * FILE_PASSWD_E_INVALID_ENC_MODE
  462. * @access public
  463. * @return mixed Returns &true; on success or
  464. * <classname>PEAR_Error</classname> on failure.
  465. * @param string $user the user whose password should be changed
  466. * @param string $pass the new plaintext password
  467. */
  468. function changePasswd($user, $pass)
  469. {
  470. if (!$this->userExists($user)) {
  471. return PEAR::raiseError(
  472. sprintf(FILE_PASSWD_E_EXISTS_NOT_STR, 'User ', $user),
  473. FILE_PASSWD_E_EXISTS_NOT
  474. );
  475. }
  476. $pass = $this->_genPass($pass);
  477. if (PEAR::isError($pass)) {
  478. return $pass;
  479. }
  480. if ($this->_usemap) {
  481. $this->_users[$user]['pass'] = $pass;
  482. } else {
  483. $this->_users[$user][0] = $pass;
  484. }
  485. return true;
  486. }
  487. /**
  488. * Verify the password of a certain user
  489. *
  490. * Returns a PEAR_Error if:
  491. * o user doesn't exist
  492. * o encryption mode is not supported
  493. *
  494. * @throws PEAR_Error FILE_PASSWD_E_EXISTS_NOT |
  495. * FILE_PASSWD_E_INVALID_ENC_MODE
  496. * @access public
  497. * @return mixed Returns &true; if passwors equal, &false; if they don't
  498. * or <classname>PEAR_Error</classname> on fialure.
  499. * @param string $user the user whose password should be verified
  500. * @param string $pass the password to verify
  501. */
  502. function verifyPasswd($user, $pass)
  503. {
  504. if (!$this->userExists($user)) {
  505. return PEAR::raiseError(
  506. sprintf(FILE_PASSWD_E_EXISTS_NOT_STR, 'User ', $user),
  507. FILE_PASSWD_E_EXISTS_NOT
  508. );
  509. }
  510. $real =
  511. $this->_usemap ?
  512. $this->_users[$user]['pass'] :
  513. $this->_users[$user][0]
  514. ;
  515. return ($real === $this->_genPass($pass, $real));
  516. }
  517. /**
  518. * Generate crypted password from the plaintext password
  519. *
  520. * Returns a PEAR_Error if actual encryption mode is not supported.
  521. *
  522. * @throws PEAR_Error FILE_PASSWD_E_INVALID_ENC_MODE
  523. * @access private
  524. * @return mixed Returns the crypted password or
  525. * <classname>PEAR_Error</classname>
  526. * @param string $pass the plaintext password
  527. * @param string $salt the crypted password from which to gain the salt
  528. * @param string $func the encryption function to use
  529. */
  530. function _genPass($pass, $salt = null, $func = null)
  531. {
  532. if (is_null($func)) {
  533. $func = $this->_enc;
  534. }
  535. if (!is_callable($func)) {
  536. if (is_array($func)) {
  537. $func = implode('::', $func);
  538. }
  539. return PEAR::raiseError(
  540. sprintf(FILE_PASSWD_E_INVALID_ENC_MODE_STR, $func),
  541. FILE_PASSWD_E_INVALID_ENC_MODE
  542. );
  543. }
  544. $return = @call_user_func($func, $pass, $salt);
  545. if (is_null($return) || $return === false) {
  546. $return = @call_user_func($func, $pass);
  547. }
  548. return $return;
  549. }
  550. }
  551. ?>