PageRenderTime 224ms CodeModel.GetById 91ms app.highlight 4ms RepoModel.GetById 127ms app.codeStats 0ms

/plugin/md5.inc.php

https://github.com/miya5n/pukiwiki
PHP | 134 lines | 98 code | 15 blank | 21 comment | 13 complexity | 66aa3e7610d88207e64abd6a97579fcc MD5 | raw file
  1<?php
  2// PukiWiki - Yet another WikiWikiWeb clone.
  3// $Id: md5.inc.php,v 1.25 2011/01/25 15:01:01 henoheno Exp $
  4// Copyright (C) 2001-2006 PukiWiki Developers Team
  5// License: GPL v2 or (at your option) any later version
  6//
  7//  MD5 plugin: Allow to convert password/passphrase
  8//	* PHP sha1() -- If you have sha1() or mhash extension
  9//	* PHP md5()
 10//	* PHP crypt()
 11//	* LDAP SHA / SSHA -- If you have sha1() or mhash extension
 12//	* LDAP MD5 / SMD5
 13//	* LDAP CRYPT
 14
 15// User interface of pkwk_hash_compute() for system admin
 16function plugin_md5_action()
 17{
 18	global $get, $post;
 19
 20	if (PKWK_SAFE_MODE || PKWK_READONLY) die_message('Prohibited by admin');
 21
 22	// Wait POST
 23	$phrase = isset($post['phrase']) ? $post['phrase'] : '';
 24
 25	if ($phrase == '') {
 26		// Show the form
 27
 28		// If plugin=md5&md5=password, only set it (Don't compute)
 29		$value  = isset($get['md5']) ? $get['md5'] : '';
 30
 31		return array(
 32			'msg' =>'Compute userPassword',
 33			'body'=>plugin_md5_show_form(isset($post['phrase']), $value));
 34
 35	} else {
 36		// Compute (Don't show its $phrase at the same time)
 37
 38		$prefix = isset($post['prefix']);
 39		$salt   = isset($post['salt']) ? $post['salt'] : '';
 40
 41		// With scheme-prefix or not
 42		if (! preg_match('/^\{.+\}.*$/', $salt)) {
 43			$scheme = isset($post['scheme']) ? '{' . $post['scheme'] . '}': '';
 44			$salt   = $scheme . $salt;
 45		}
 46
 47		return array(
 48			'msg' =>'Result',
 49			'body'=>
 50				//($prefix ? 'userPassword: ' : '') .
 51				pkwk_hash_compute($phrase, $salt, $prefix, TRUE));
 52	}
 53}
 54
 55// $nophrase = Passphrase is (submitted but) empty
 56// $value    = Default passphrase value
 57function plugin_md5_show_form($nophrase = FALSE, $value = '')
 58{
 59	if (PKWK_SAFE_MODE || PKWK_READONLY) die_message('Prohibited');
 60	if (strlen($value) > PKWK_PASSPHRASE_LIMIT_LENGTH)
 61		die_message('Limit: malicious message length');
 62
 63	if ($value != '') $value = 'value="' . htmlsc($value) . '" ';
 64
 65	$sha1_enabled = function_exists('sha1');
 66	$sha1_checked = $md5_checked = '';
 67	if ($sha1_enabled) {
 68		$sha1_checked = 'checked="checked" ';
 69	} else {
 70		$md5_checked  = 'checked="checked" ';
 71	}
 72
 73	$self = get_script_uri();
 74
 75	$form = <<<EOD
 76<p><strong>NOTICE: Don't use this feature via untrustful or unsure network</strong></p>
 77<hr>
 78EOD;
 79
 80	if ($nophrase) $form .= '<strong>NO PHRASE</strong><br />';
 81
 82	$form .= <<<EOD
 83<form action="$self" method="post">
 84 <div>
 85  <input type="hidden" name="plugin" value="md5" />
 86  <label for="_p_md5_phrase">Phrase:</label>
 87  <input type="text" name="phrase"  id="_p_md5_phrase" size="60" $value/><br />
 88EOD;
 89
 90	if ($sha1_enabled) $form .= <<<EOD
 91  <input type="radio" name="scheme" id="_p_md5_sha1" value="x-php-sha1" />
 92  <label for="_p_md5_sha1">PHP sha1()</label><br />
 93EOD;
 94
 95	$form .= <<<EOD
 96  <input type="radio" name="scheme" id="_p_md5_md5"  value="x-php-md5" />
 97  <label for="_p_md5_md5">PHP md5()</label><br />
 98  <input type="radio" name="scheme" id="_p_md5_crpt" value="x-php-crypt" />
 99  <label for="_p_md5_crpt">PHP crypt() *</label><br />
100EOD;
101
102	if ($sha1_enabled) $form .= <<<EOD
103  <input type="radio" name="scheme" id="_p_md5_lssha" value="SSHA" $sha1_checked/>
104  <label for="_p_md5_lssha">LDAP SSHA (sha-1 with a seed) *</label><br />
105  <input type="radio" name="scheme" id="_p_md5_lsha" value="SHA" />
106  <label for="_p_md5_lsha">LDAP SHA (sha-1)</label><br />
107EOD;
108
109	$form .= <<<EOD
110  <input type="radio" name="scheme" id="_p_md5_lsmd5" value="SMD5" $md5_checked/>
111  <label for="_p_md5_lsmd5">LDAP SMD5 (md5 with a seed) *</label><br />
112  <input type="radio" name="scheme" id="_p_md5_lmd5" value="MD5" />
113  <label for="_p_md5_lmd5">LDAP MD5</label><br />
114
115  <input type="radio" name="scheme" id="_p_md5_lcrpt" value="CRYPT" />
116  <label for="_p_md5_lcrpt">LDAP CRYPT *</label><br />
117
118  <input type="checkbox" name="prefix" id="_p_md5_prefix" checked="checked" />
119  <label for="_p_md5_prefix">Add scheme prefix (RFC2307, Using LDAP as NIS)</label><br />
120
121  <label for="_p_md5_salt">Salt, '{scheme}', '{scheme}salt', or userPassword itself to specify:</label><br />
122  <input type="text" name="salt" id="_p_md5_salt" size="60" /><br />
123
124  <input type="submit" value="Compute" /><br />
125
126  <hr>
127  <p>* = Salt enabled<p/>
128 </div>
129</form>
130EOD;
131
132	return $form;
133}
134?>