PageRenderTime 52ms CodeModel.GetById 24ms RepoModel.GetById 1ms app.codeStats 0ms

/plugin/md5.inc.php

https://github.com/miya5n/pukiwiki
PHP | 134 lines | 98 code | 15 blank | 21 comment | 13 complexity | 66aa3e7610d88207e64abd6a97579fcc MD5 | raw file
Possible License(s): GPL-2.0
  1. <?php
  2. // PukiWiki - Yet another WikiWikiWeb clone.
  3. // $Id: md5.inc.php,v 1.25 2011/01/25 15:01:01 henoheno Exp $
  4. // Copyright (C) 2001-2006 PukiWiki Developers Team
  5. // License: GPL v2 or (at your option) any later version
  6. //
  7. // MD5 plugin: Allow to convert password/passphrase
  8. // * PHP sha1() -- If you have sha1() or mhash extension
  9. // * PHP md5()
  10. // * PHP crypt()
  11. // * LDAP SHA / SSHA -- If you have sha1() or mhash extension
  12. // * LDAP MD5 / SMD5
  13. // * LDAP CRYPT
  14. // User interface of pkwk_hash_compute() for system admin
  15. function plugin_md5_action()
  16. {
  17. global $get, $post;
  18. if (PKWK_SAFE_MODE || PKWK_READONLY) die_message('Prohibited by admin');
  19. // Wait POST
  20. $phrase = isset($post['phrase']) ? $post['phrase'] : '';
  21. if ($phrase == '') {
  22. // Show the form
  23. // If plugin=md5&md5=password, only set it (Don't compute)
  24. $value = isset($get['md5']) ? $get['md5'] : '';
  25. return array(
  26. 'msg' =>'Compute userPassword',
  27. 'body'=>plugin_md5_show_form(isset($post['phrase']), $value));
  28. } else {
  29. // Compute (Don't show its $phrase at the same time)
  30. $prefix = isset($post['prefix']);
  31. $salt = isset($post['salt']) ? $post['salt'] : '';
  32. // With scheme-prefix or not
  33. if (! preg_match('/^\{.+\}.*$/', $salt)) {
  34. $scheme = isset($post['scheme']) ? '{' . $post['scheme'] . '}': '';
  35. $salt = $scheme . $salt;
  36. }
  37. return array(
  38. 'msg' =>'Result',
  39. 'body'=>
  40. //($prefix ? 'userPassword: ' : '') .
  41. pkwk_hash_compute($phrase, $salt, $prefix, TRUE));
  42. }
  43. }
  44. // $nophrase = Passphrase is (submitted but) empty
  45. // $value = Default passphrase value
  46. function plugin_md5_show_form($nophrase = FALSE, $value = '')
  47. {
  48. if (PKWK_SAFE_MODE || PKWK_READONLY) die_message('Prohibited');
  49. if (strlen($value) > PKWK_PASSPHRASE_LIMIT_LENGTH)
  50. die_message('Limit: malicious message length');
  51. if ($value != '') $value = 'value="' . htmlsc($value) . '" ';
  52. $sha1_enabled = function_exists('sha1');
  53. $sha1_checked = $md5_checked = '';
  54. if ($sha1_enabled) {
  55. $sha1_checked = 'checked="checked" ';
  56. } else {
  57. $md5_checked = 'checked="checked" ';
  58. }
  59. $self = get_script_uri();
  60. $form = <<<EOD
  61. <p><strong>NOTICE: Don't use this feature via untrustful or unsure network</strong></p>
  62. <hr>
  63. EOD;
  64. if ($nophrase) $form .= '<strong>NO PHRASE</strong><br />';
  65. $form .= <<<EOD
  66. <form action="$self" method="post">
  67. <div>
  68. <input type="hidden" name="plugin" value="md5" />
  69. <label for="_p_md5_phrase">Phrase:</label>
  70. <input type="text" name="phrase" id="_p_md5_phrase" size="60" $value/><br />
  71. EOD;
  72. if ($sha1_enabled) $form .= <<<EOD
  73. <input type="radio" name="scheme" id="_p_md5_sha1" value="x-php-sha1" />
  74. <label for="_p_md5_sha1">PHP sha1()</label><br />
  75. EOD;
  76. $form .= <<<EOD
  77. <input type="radio" name="scheme" id="_p_md5_md5" value="x-php-md5" />
  78. <label for="_p_md5_md5">PHP md5()</label><br />
  79. <input type="radio" name="scheme" id="_p_md5_crpt" value="x-php-crypt" />
  80. <label for="_p_md5_crpt">PHP crypt() *</label><br />
  81. EOD;
  82. if ($sha1_enabled) $form .= <<<EOD
  83. <input type="radio" name="scheme" id="_p_md5_lssha" value="SSHA" $sha1_checked/>
  84. <label for="_p_md5_lssha">LDAP SSHA (sha-1 with a seed) *</label><br />
  85. <input type="radio" name="scheme" id="_p_md5_lsha" value="SHA" />
  86. <label for="_p_md5_lsha">LDAP SHA (sha-1)</label><br />
  87. EOD;
  88. $form .= <<<EOD
  89. <input type="radio" name="scheme" id="_p_md5_lsmd5" value="SMD5" $md5_checked/>
  90. <label for="_p_md5_lsmd5">LDAP SMD5 (md5 with a seed) *</label><br />
  91. <input type="radio" name="scheme" id="_p_md5_lmd5" value="MD5" />
  92. <label for="_p_md5_lmd5">LDAP MD5</label><br />
  93. <input type="radio" name="scheme" id="_p_md5_lcrpt" value="CRYPT" />
  94. <label for="_p_md5_lcrpt">LDAP CRYPT *</label><br />
  95. <input type="checkbox" name="prefix" id="_p_md5_prefix" checked="checked" />
  96. <label for="_p_md5_prefix">Add scheme prefix (RFC2307, Using LDAP as NIS)</label><br />
  97. <label for="_p_md5_salt">Salt, '{scheme}', '{scheme}salt', or userPassword itself to specify:</label><br />
  98. <input type="text" name="salt" id="_p_md5_salt" size="60" /><br />
  99. <input type="submit" value="Compute" /><br />
  100. <hr>
  101. <p>* = Salt enabled<p/>
  102. </div>
  103. </form>
  104. EOD;
  105. return $form;
  106. }
  107. ?>