JcDenis/httpPassword
1
0
Fork 0
Code Issues Pull Requests Releases 3 Activity

use namespace

Browse Source
This commit is contained in:
Jean-Christian Paul Denis 2023-03-26 00:03:44 +01:00
parent 37b1ded7a7
commit 9aee331b92
Signed by: JcDenis
GPG Key ID: 1B5B8C5B90B6C951
7 changed files with 605 additions and 357 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
src/Backend.php
View File

@ -10,17 +10,42 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!defined('DC_CONTEXT_ADMIN')) { declare(strict_types=1);
return null;
}
dcCore::app()->menu[dcAdmin::MENU_PLUGINS]->addItem( namespace Dotclear\Plugin\httpPassword;
__('Http password'),
dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__)), use dcAuth;
urldecode(dcPage::getPF(basename(__DIR__) . '/icon.png')), use dcAdmin;
preg_match('/' . preg_quote(dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__))) . '(&.*)?$/', $_SERVER['REQUEST_URI']), use dcCore;
use dcPage;
use dcNsProcess;
class Backend extends dcNsProcess
{
public static function init(): bool
{
self::$init = defined('DC_CONTEXT_ADMIN');
return self::$init;
}
public static function process(): bool
{
if (!self::$init) {
return false;
}
dcCore::app()->menu[dcAdmin::MENU_PLUGINS]->addItem(
My::name(),
dcCore::app()->adminurl->get('admin.plugin.' . My::id()),
dcPage::getPF(My::id() . '/icon.png'),
preg_match('/' . preg_quote(dcCore::app()->adminurl->get('admin.plugin.' . My::id())) . '(&.*)?$/', $_SERVER['REQUEST_URI']),
dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([ dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcAuth::PERMISSION_USAGE, dcAuth::PERMISSION_USAGE,
initHttpPassword::PERMISSION, My::PERMISSION,
]), dcCore::app()->blog->id) ]), dcCore::app()->blog->id)
); );
return true;
}
}

51
src/Frontend.php
View File

@ -10,11 +10,30 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!dcCore::app()->blog->settings->get(basename(__DIR__))->get('active')) { declare(strict_types=1);
return null;
}
dcCore::app()->addBehavior('publicPrependV2', function (): void { namespace Dotclear\Plugin\httpPassword;
use dcCore;
use dcLog;
use dcNsProcess;
class Frontend extends dcNsProcess
{
public static function init(): bool
{
self::$init = defined('DC_RC_PATH');
return self::$init;
}
public static function process(): bool
{
if (!self::$init || !Utils::isActive()) {
return false;
}
dcCore::app()->addBehavior('publicPrependV2', function (): void {
$PHP_AUTH_USER = $PHP_AUTH_PW = ''; $PHP_AUTH_USER = $PHP_AUTH_PW = '';
if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) { if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) {
@ -25,17 +44,18 @@ dcCore::app()->addBehavior('publicPrependV2', function (): void {
[$PHP_AUTH_USER, $PHP_AUTH_PW] = explode(':', base64_decode($PHP_AUTH_USER)); [$PHP_AUTH_USER, $PHP_AUTH_PW] = explode(':', base64_decode($PHP_AUTH_USER));
} }
if ($PHP_AUTH_PW === '' or $PHP_AUTH_USER === '') { if ($PHP_AUTH_PW === '' or $PHP_AUTH_USER === '') {
httpPassword::sendHttp401(); Utils::sendHttp401();
} }
if (!is_file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD)) { if (!is_file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD)) {
header('HTTP/1.0 500 Internal Server Error'); header('HTTP/1.0 500 Internal Server Error');
echo 'httpPassword plugin is not well configured.'; echo 'httpPassword plugin is not well configured.';
exit(1); exit(1);
} }
$htpasswd = file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $htpasswd = file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$authenticated = false; $authenticated = false;
if ($htpasswd !== false) {
foreach ($htpasswd as $ligne) { foreach ($htpasswd as $ligne) {
[$cur_user, $cur_pass] = explode(':', trim($ligne), 2); [$cur_user, $cur_pass] = explode(':', trim($ligne), 2);
if ($cur_user == $PHP_AUTH_USER and crypt($PHP_AUTH_PW, $cur_pass) == $cur_pass) { if ($cur_user == $PHP_AUTH_USER and crypt($PHP_AUTH_PW, $cur_pass) == $cur_pass) {
@ -45,21 +65,26 @@ dcCore::app()->addBehavior('publicPrependV2', function (): void {
break; break;
} }
} }
}
unset($htpasswd); unset($htpasswd);
if (!$authenticated) { if (!$authenticated) {
httpPassword::sendHttp401(); Utils::sendHttp401();
} else { } else {
$logs = dcCore::app()->log->getLogs(['log_table' => basename(__DIR__), 'log_msg' => $PHP_AUTH_USER]); $logs = dcCore::app()->log->getLogs(['log_table' => My::id(), 'log_msg' => $PHP_AUTH_USER]);
if (!$logs->isEmpty()) { if (!$logs->isEmpty()) {
$ids = []; $ids = [];
while ($logs->fetch()) { while ($logs->fetch()) {
$ids[] = $logs->__get('log_id'); $ids[] = (int) $logs->f('log_id');
} }
$logs = dcCore::app()->log->delLogs($ids); $logs = dcCore::app()->log->delLogs($ids);
} }
$cursor = dcCore::app()->con->openCursor(dcCore::app()->prefix . dcLog::LOG_TABLE_NAME); $cursor = dcCore::app()->con->openCursor(dcCore::app()->prefix . dcLog::LOG_TABLE_NAME);
$cursor->__set('log_table', basename(__DIR__)); $cursor->setField('log_table', My::id());
$cursor->__set('log_msg', $PHP_AUTH_USER); $cursor->setField('log_msg', $PHP_AUTH_USER);
dcCore::app()->log->addLog($cursor); dcCore::app()->log->addLog($cursor);
} }
}); });
return true;
}
}

41
src/Install.php
View File

@ -10,28 +10,41 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!defined('DC_CONTEXT_ADMIN')) { declare(strict_types=1);
return;
}
try { namespace Dotclear\Plugin\httpPassword;
// Check versions
if (!dcCore::app()->newVersion( use dcCore;
basename(__DIR__), use dcNsProcess;
dcCore::app()->plugins->moduleInfo(basename(__DIR__), 'version') use Exception;
)) {
return null; class Install extends dcNsProcess
{
public static function init(): bool
{
self::$init = defined('DC_CONTEXT_ADMIN') && dcCore::app()->newVersion(My::id(), dcCore::app()->plugins->moduleInfo(My::id(), 'version'));
return self::$init;
} }
public static function process(): bool
{
if (!self::$init) {
return false;
}
try {
// Set settings // Set settings
$s = dcCore::app()->blog->settings->get(basename(__DIR__)); $s = dcCore::app()->blog->settings->get(My::id());
$s->put('active', false, 'boolean', 'Enable plugin', false, false); $s->put('active', false, 'boolean', 'Enable plugin', false, false);
$s->put('crypt', 'crypt_md5', 'string', 'Crypt algorithm', false, false); $s->put('crypt', 'crypt_md5', 'string', 'Crypt algorithm', false, false);
$s->put('message', 'Private space', 'String', 'Personalized message on Authentication popup', false, false); $s->put('message', 'Private space', 'String', 'Personalized message on Authentication popup', false, false);
return true; return true;
} catch (Exception $e) { } catch (Exception $e) {
dcCore::app()->error->add($e->getMessage()); dcCore::app()->error->add($e->getMessage());
} }
return false; return true;
}
}

376
src/Manage.php
View File

@ -10,67 +10,85 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!defined('DC_CONTEXT_ADMIN')) { declare(strict_types=1);
return null;
}
$s = dcCore::app()->blog->settings->get(basename(__DIR__)); namespace Dotclear\Plugin\httpPassword;
$pwd_file = dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD;
$action = $_POST['action'] ?? '';
$redir = $_REQUEST['redir'] ?? '';
$part = $_REQUEST['part'] ?? 'settings';
$passwords = [];
$writable = httpPassword::isWritable();
$section_menu = [
__('Settings') => 'settings',
__('Logins history') => 'logins',
__('Authorized users') => 'passwords',
];
if (!in_array($part, $section_menu) || !$writable) { use dcCore;
$part = 'settings'; use dcNsProcess;
} use dcPage;
if (empty($redir)) { use Dotclear\Helper\Html\Html;
$redir = dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => $part]); use Dotclear\Helper\Html\Form\{
} Checkbox,
if (!$writable) { Div,
dcAdminNotices::addWarningNotice( Form,
Hidden,
Input,
Label,
Note,
Para,
Select,
Submit,
Text
};
use dt;
/**
* Manage contributions list
*/
class Manage extends dcNsProcess
{
public static function init(): bool
{
if (defined('DC_CONTEXT_ADMIN')) {
dcPage::check(dcCore::app()->auth->makePermissions([
My::PERMISSION,
]));
self::$init = true;
}
return self::$init;
}
public static function process(): bool
{
if (!self::$init) {
return false;
}
if (!Utils::isWritable()) {
dcPage::addWarningNotice(
__('No write permissions on blogs directories.') __('No write permissions on blogs directories.')
); );
}
if ('passwords' == $part) {
$lines = file($pwd_file);
if (!is_array($lines)) {
$lines = [];
} }
sort($lines);
foreach ($lines as $line) {
[$login, $pwd] = explode(':', $line, 2);
$passwords[trim($login)] = trim($pwd);
}
unset($lines);
}
if ('savesettings' == $action) { $part = self::getSection();
$action = $_POST['action'] ?? '';
if (empty($action)) {
return true;
}
if ('savesettings' == $action) {
$s = dcCore::app()->blog->settings->get(My::id());
$s->put('active', !empty($_POST['active'])); $s->put('active', !empty($_POST['active']));
$s->put('crypt', in_array((string) $_POST['crypt'], httpPassword::getCryptCombo()) ? $_POST['crypt'] : 'paintext'); $s->put('crypt', in_array((string) $_POST['crypt'], My::cryptCombo()) ? $_POST['crypt'] : 'paintext');
$s->put('message', (string) $_POST['message']); $s->put('message', (string) $_POST['message']);
dcCore::app()->blog->triggerBlog(); dcCore::app()->blog->triggerBlog();
dcAdminNotices::addSuccessNotice( dcPage::addSuccessNotice(
__('Settings successfully updated.') __('Settings successfully updated.')
); );
dcCore::app()->adminurl->redirect( dcCore::app()->adminurl->redirect(
'admin.plugin.' . basename(__DIR__), 'admin.plugin.' . My::id(),
['part' => $part] ['part' => $part]
); );
} }
if ('savelogins' == $action) { if ('savelogins' == $action) {
$logs = dcCore::app()->log->getLogs(['log_table' => basename(__DIR__)]); $logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
if (!$logs->isEmpty()) { if (!$logs->isEmpty()) {
$ids = []; $ids = [];
while ($logs->fetch()) { while ($logs->fetch()) {
@ -78,21 +96,22 @@ if ('savelogins' == $action) {
} }
$logs = dcCore::app()->log->delLogs($ids); $logs = dcCore::app()->log->delLogs($ids);
dcAdminNotices::addSuccessNotice( dcPage::addSuccessNotice(
__('Logs successfully cleared.') __('Logs successfully cleared.')
); );
dcCore::app()->adminurl->redirect( dcCore::app()->adminurl->redirect(
'admin.plugin.' . basename(__DIR__), 'admin.plugin.' . My::id(),
['part' => $part] ['part' => $part]
); );
} }
} }
if ('savepasswords' == $action) { if ('savepasswords' == $action) {
$passwords = self::getPasswords();
$lines = []; $lines = [];
if (!empty($_POST['login']) && !empty($_POST['password'])) { if (!empty($_POST['login']) && !empty($_POST['password'])) {
$lines[$_POST['login']] = httpPassword::crypt($_POST['password']); $lines[$_POST['login']] = Utils::crypt($_POST['password']);
} }
foreach ($passwords as $l => $p) { foreach ($passwords as $l => $p) {
// add login // add login
@ -107,7 +126,7 @@ if ('savepasswords' == $action) {
if (!empty($_POST['edit']) && array_key_exists($l, $_POST['edit']) if (!empty($_POST['edit']) && array_key_exists($l, $_POST['edit'])
&& !empty($_POST['newpassword']) && array_key_exists($l, $_POST['newpassword']) && !empty($_POST['newpassword']) && array_key_exists($l, $_POST['newpassword'])
) { ) {
$lines[$l] = httpPassword::crypt($_POST['newpassword'][$l]); $lines[$l] = Utils::crypt($_POST['newpassword'][$l]);
} else { } else {
$lines[$l] = $p; $lines[$l] = $p;
} }
@ -117,83 +136,101 @@ if ('savepasswords' == $action) {
foreach ($lines as $l => $p) { foreach ($lines as $l => $p) {
$contents .= sprintf("%s:%s\r\n", $l, $p); $contents .= sprintf("%s:%s\r\n", $l, $p);
} }
file_put_contents($pwd_file, $contents); file_put_contents(Utils::passwordFile(), $contents);
dcCore::app()->blog->triggerBlog(); dcCore::app()->blog->triggerBlog();
dcAdminNotices::addSuccessNotice( dcPage::addSuccessNotice(
__('Logins successfully updated.') __('Logins successfully updated.')
); );
dcCore::app()->adminurl->redirect( dcCore::app()->adminurl->redirect(
'admin.plugin.' . basename(__DIR__), 'admin.plugin.' . My::id(),
['part' => $part] ['part' => $part]
); );
} }
echo return true;
'<html><head><title>' . __('Http password') . '</title>' . }
dcPage::jsPageTabs() .
dcPage::jsModuleLoad(basename(__DIR__) . '/js/index.js') . public static function render(): void
'</head><body>' . {
dcPage::breadcrumb([ if (!self::$init) {
return;
}
$part = self::getSection();
dcPage::openModule(
My::name(),
dcPage::jsPageTabs() .
dcPage::jsModuleLoad(My::id() . '/js/backend.js')
);
echo
dcPage::breadcrumb([
__('Plugins') => '', __('Plugins') => '',
__('Http password') => dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__)), My::name() => dcCore::app()->adminurl->get('admin.plugin.' . My::id()),
array_search($part, $section_menu) => '', array_search($part, My::sectionCombo()) => '',
]) . ]) .
dcPage::notices() . dcPage::notices() .
# Filters select menu list # Filters select menu list
'<form method="get" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__)) . '" id="section_menu">' . (new Form('section_menu'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id()))->method('get')->fields([
'<p class="anchor-nav"><label for="part" class="classic">' . __('Select section:') . ' </label>' . (new Para())->class('anchor-nav')->items([
form::combo('part', $section_menu, $part) . ' ' . (new Label(__('Select section:')))->for('part')->class('classic'),
'<input type="submit" value="' . __('Ok') . '" />' . (new Select('part'))->default($part)->items(My::sectionCombo()),
form::hidden('p', basename(__DIR__)) . '</p>' . (new Submit(['go']))->value(__('Ok')),
'</form>' . (new Hidden(['p'], My::id())),
'<h3>' . array_search($part, $section_menu) . '</h3>'; ]),
])->render() .
if ('settings' == $part) { '<h3>' . array_search($part, My::sectionCombo()) . '</h3>';
echo '
<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => 'settings']) . '">
<p><label for="active">' . if ('settings' == $part) {
form::checkbox('active', '1', (bool) $s->get('active')) . echo
__('Enable http password protection on this blog') . '</label></p> (new Form('section_settings'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => 'settings']))->method('post')->fields([
// active
(new Para())->items([
(new Checkbox('active', Utils::isActive()))->value(1),
(new Label(__('Enable http password protection on this blog'), Label::OUTSIDE_LABEL_AFTER))->for('active')->class('classic'),
]),
// crypt
(new Para())->items([
(new Label(__('Crypt algorithm:'), Label::OUTSIDE_LABEL_BEFORE))->for('crypt')->class('classic'),
(new Select('crypt'))->default(Utils::cryptMethod())->items(My::cryptCombo()),
]),
(new Note())->text(__('Some web servers does not surpport plaintext (no) encryption.'))->class('form-note'),
(new Note())->text(__('If you change crypt algo, you must edit and resave each users passwords.'))->class('form-note'),
// message
(new Para())->items([
(new Label(__('Authentication message:')))->for('message'),
(new Input('message'))->size(60)->maxlenght(255)->value(Utils::httpMessage()),
]),
(new Div())->class('clear')->items([
(new Submit(['save']))->value(__('Save')),
(new Hidden(['action'], 'savesettings')),
(new Hidden(['part'], $part)),
(new Text('', dcCore::app()->formNonce())),
]),
])->render();
}
<p><label for="crypt">' . __('Crypt algorithm:') . '</label> ' . if ('logins' == $part) {
form::combo('crypt', httpPassword::getCryptCombo(), (string) $s->get('crypt')) . '</p> $logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
<p class="form-note">' .
__('Some web servers does not surpport plaintext (no) encryption.') . ' ' .
__('If you change crypt algo, you must edit and resave each users passwords.') .
'</p>
<p><label for="message">' . __('Authentication message:') . '</label>' .
form::field('message', 60, 255, html::escapeHTML((string) $s->get('message'))) . '
</p>
<div class="clear">
<p>' .
dcCore::app()->formNonce() .
form::hidden(['action'], 'savesettings') .
form::hidden(['part'], $part) . '
<input type="submit" name="save" value="' . __('Save') . '" />
</p></form>';
}
if ('logins' == $part) {
$logs = dcCore::app()->log->getLogs(['log_table' => basename(__DIR__)]);
if ($logs->isEmpty()) { if ($logs->isEmpty()) {
echo echo
'<p>' . __('Logins history is empty.') . '</p>'; '<p>' . __('Logins history is empty.') . '</p>';
} else { } else {
echo ' echo
<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => 'logins']) . '"> (new Form('section_logins'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => 'logins']))->method('post')->fields([
<p>' . (new Para())->items([
dcCore::app()->formNonce() . (new Submit(['save']))->value(__('Clear logs')),
form::hidden(['action'], 'savelogins') . (new Hidden(['action'], 'savelogins')),
form::hidden(['part'], $part) . ' (new Hidden(['part'], $part)),
<input type="submit" name="save" value="' . __('Clear logs') . '" /> (new Text('', dcCore::app()->formNonce())),
</p></form>' . ]),
])->render() .
'<div class="table-outer"><table>' . '<div class="table-outer"><table>' .
'<caption>' . sprintf(__('List of %s last logins.'), $logs->count()) . '</caption>' . '<caption>' . sprintf(__('List of %s last logins.'), $logs->count()) . '</caption>' .
@ -205,75 +242,110 @@ if ('logins' == $part) {
while ($logs->fetch()) { while ($logs->fetch()) {
echo echo
'<tr class="line">' . '<tr class="line">' .
'<td class="nowrap maximal">' . html::escapeHTML($logs->__get('log_msg')) . '</td>' . '<td class="nowrap maximal">' . Html::escapeHTML($logs->f('log_msg')) . '</td>' .
'<td class="nowrap count">' . html::escapeHTML(dt::dt2str(__('%Y-%m-%d %H:%M'), $logs->__get('log_dt'))) . '</td>' . '<td class="nowrap count">' . Html::escapeHTML(dt::dt2str(__('%Y-%m-%d %H:%M'), $logs->f('log_dt'))) . '</td>' .
'</tr>'; '</tr>';
} }
echo echo
'</table></div>'; '</table></div>';
} }
} }
if ('passwords' == $part) {
$passwords = self::getPasswords();
if ('passwords' == $part) {
if (empty($passwords)) { if (empty($passwords)) {
echo echo
'<p>' . __('Authorized users list is empty.') . '</p>'; '<p>' . __('Authorized users list is empty.') . '</p>';
} else { } else {
$lines = '';
foreach ($passwords as $login => $pwd) {
$lines .= '<tr class="line">' .
'<td class="nowrap maximal">' .
Html::escapeHTML($login) .
'</td>' .
'<td class="nowrap">' .
(new Input(['newpassword[' . Html::escapeHTML($login) . ']']))->size(60)->maxlenght(255)->render() .
'</td>' .
'<td class="nowrap">' .
(new Submit(['edit[' . Html::escapeHTML($login) . ']']))->value(__('Change password'))->render() .
(new Submit(['delete[' . Html::escapeHTML($login) . ']']))->value(__('Delete'))->class('delete')->render() .
'</td>' .
'</tr>';
}
echo echo
'<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => $part]) . '">' . (new Form('section_passwords'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => $part]))->method('post')->fields([
(new Text(
'',
'<div class="table-outer"><table>' . '<div class="table-outer"><table>' .
'<caption>' . sprintf(__('List of %s authorized users.'), count($passwords)) . '</caption>' . '<caption>' . sprintf(__('List of %s authorized users.'), count($passwords)) . '</caption>' .
'<thead><tr>' . '<thead><tr>' .
'<th scope="col" class="first nowrap">' . __('Login') . '</th>' . '<th scope="col" class="first nowrap">' . __('Login') . '</th>' .
'<th scope="col" class="first nowrap">' . __('New password') . '</th>' . '<th scope="col" class="first nowrap">' . __('New password') . '</th>' .
'<th scope="col" class="nowrap">' . __('Action') . '</th>' . '<th scope="col" class="nowrap">' . __('Action') . '</th>' .
'</tr></thead<tbody>'; '</tr></thead<tbody>' .
$lines .
foreach ($passwords as $login => $pwd) { '</table></div>'
echo )),
'<tr class="line">' . (new Para())->items([
'<td class="nowrap maximal">' . (new Hidden(['action'], 'savepasswords')),
html::escapeHTML($login) . (new Hidden(['part'], $part)),
'</td>' . (new Text('', dcCore::app()->formNonce())),
'<td class="nowrap">' . ]),
form::field(['newpassword[' . html::escapeHTML($login) . ']'], 60, 255, '') . ])->render();
'</td>' .
'<td class="nowrap">' .
'<input type="submit" name="edit[' . html::escapeHTML($login) . ']" value="' . __('Change password') . '" /> ' .
'<input type="submit" class="delete" name="delete[' . html::escapeHTML($login) . ']" value="' . __('Delete') . '" />' .
'</td>' .
'</tr>';
} }
echo echo
'</table></div> (new Form('section_new'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => $part]))->method('post')->fields([
<p>' . (new Text('h3', Html::escapeHTML(__('Add a user')))),
dcCore::app()->formNonce() . // login
form::hidden(['action'], 'savepasswords') . (new Para())->items([
form::hidden(['part'], $part) . ' (new Label(__('Login:')))->for('login'),
</p></form>'; (new Input('login'))->size(60)->maxlenght(255),
]),
// password
(new Para())->items([
(new Label(__('Password:')))->for('password'),
(new Input('password'))->size(60)->maxlenght(255),
]),
(new Para())->items([
(new Submit(['add']))->value(__('Save')),
(new Hidden(['action'], 'savepasswords')),
(new Hidden(['part'], $part)),
(new Text('', dcCore::app()->formNonce())),
]),
])->render();
} }
echo ' dcPage::closeModule();
<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => $part]) . '"> }
<h3>' . __('Add a user') . '</h3>
<p><label for="login">' . __('Login:') . '</label>' . private static function getSection(): string
form::field('login', 60, 255, '') . ' {
</p> $part = $_REQUEST['part'] ?? 'settings';
if (!in_array($part, My::sectionCombo()) || !Utils::isWritable()) {
$part = 'settings';
}
<p><label for="password">' . __('Password:') . '</label>' . return $part;
form::field('password', 60, 255, '') . ' }
</p>
<p>' . private static function getPasswords(): array
dcCore::app()->formNonce() . {
form::hidden(['action'], 'savepasswords') . $passwords = [];
form::hidden(['part'], $part) . ' $lines = file(Utils::passwordFile());
<input type="submit" name="add" value="' . __('Save') . '" /> if (!is_array($lines)) {
</p></form>'; $lines = [];
}
sort($lines);
foreach ($lines as $line) {
[$login, $pwd] = explode(':', $line, 2);
$passwords[trim($login)] = trim($pwd);
}
unset($lines);
return $passwords;
}
} }
echo
'</body></html>';

70
src/My.php Normal file
View File

@ -0,0 +1,70 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use dcCore;
class My
{
/** @var string This plugin permissions */
public const PERMISSION = 'httpPassword';
/** @var string Passwords file name */
public const FILE_PASSWORD = '.htpasswd';
/**
* This module id
*/
public static function id(): string
{
return basename(dirname(__DIR__));
}
/**
* This module name
*/
public static function name(): string
{
return __((string) dcCore::app()->plugins->moduleInfo(self::id(), 'name'));
}
/**
* Encryption methods combo
*/
public static function cryptCombo(): array
{
return [
__('No encryption') => 'plaintext',
__('Crypt DES standard') => 'crypt_std_des',
__('Crypt DES étendu') => 'crypt_ext_des',
__('Crypt MD5') => 'crypt_md5',
__('Crypt Blowfish') => 'crypt_blowfish',
__('Crypt SHA256') => 'crypt_sha256',
__('Crypt SHA512') => 'crypt_sha512',
];
}
/**
* Admin section menu
*/
public static function sectionCombo(): array
{
return [
__('Settings') => 'settings',
__('Logins history') => 'logins',
__('Authorized users') => 'passwords',
];
}
}

36
src/Prepend.php
View File

@ -10,15 +10,33 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!defined('DC_RC_PATH')) { declare(strict_types=1);
return null;
}
Clearbricks::lib()->autoload([ namespace Dotclear\Plugin\httpPassword;
'httpPassword' => implode(DIRECTORY_SEPARATOR, [__DIR__, 'inc', 'class.httppassword.php']),
]);
dcCore::app()->auth->setPermissionType( use dcCore;
initHttpPassword::PERMISSION, use dcNsProcess;
class Prepend extends dcNsProcess
{
public static function init(): bool
{
self::$init = true;
return self::$init;
}
public static function process(): bool
{
if (!self::$init) {
return false;
}
dcCore::app()->auth->setPermissionType(
My::PERMISSION,
__('Manage http password blog protection') __('Manage http password blog protection')
); );
return true;
}
}

75
src/Utils.php
View File

@ -10,20 +10,20 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!defined('DC_RC_PATH')) { declare(strict_types=1);
return null;
}
class httpPassword namespace Dotclear\Plugin\httpPassword;
use dcCore;
class Utils
{ {
public static function id(): string /**
{ * Crypt password
return basename(dirname(__DIR__)); */
}
public static function crypt(?string $secret): string public static function crypt(?string $secret): string
{ {
switch (dcCore::app()->blog->settings->get(self::id())->get('crypt')) { switch (self::cryptMethod()) {
case 'plaintext': case 'plaintext':
$saltlen = -1; $saltlen = -1;
$salt = ''; $salt = '';
@ -75,9 +75,44 @@ class httpPassword
return($secret); return($secret);
} }
/**
* Setting: active
*/
public static function isActive(): bool
{
return (bool) dcCore::app()->blog->settings->get(My::id())->get('active');
}
/**
* Setting: crypt
*/
public static function cryptMethod(): string
{
return (string) dcCore::app()->blog->settings->get(My::id())->get('crypt');
}
/**
* Setting: message
*/
public static function httpMessage(): string
{
return (string) dcCore::app()->blog->settings->get(My::id())->get('message');
}
/**
* Get passwords file path
*/
public static function passwordFile(): string
{
return dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD;
}
/**
* Check passwords file
*/
public static function isWritable(): bool public static function isWritable(): bool
{ {
if (false === ($fp = fopen(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD, 'a+'))) { if (false === ($fp = fopen(self::passwordFile(), 'a+'))) {
return false; return false;
} }
fclose($fp); fclose($fp);
@ -85,23 +120,13 @@ class httpPassword
return true; return true;
} }
public static function getCryptCombo(): array /**
{ * Send HTTP message
return [ */
__('No encryption') => 'plaintext',
__('Crypt DES standard') => 'crypt_std_des',
__('Crypt DES étendu') => 'crypt_ext_des',
__('Crypt MD5') => 'crypt_md5',
__('Crypt Blowfish') => 'crypt_blowfish',
__('Crypt SHA256') => 'crypt_sha256',
__('Crypt SHA512') => 'crypt_sha512',
];
}
public static function sendHttp401(): void public static function sendHttp401(): void
{ {
header('HTTP/1.1 401 Unauthorized'); header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="' . utf8_decode(htmlspecialchars_decode(dcCore::app()->blog->settings->get(self::id())->get('message'))) . '"'); header('WWW-Authenticate: Basic realm="' . utf8_decode(htmlspecialchars_decode(self::httpMessage())) . '"');
exit(0); exit(0);
} }
} }