use namespace

Jean-Christian Paul Denis 2023-03-26 00:03:44 +01:00
parent 37b1ded7a7
commit 9aee331b92
Signed by: JcDenis
GPG Key ID: 1B5B8C5B90B6C951
7 changed files with 605 additions and 357 deletions


@ -10,17 +10,42 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!defined('DC_CONTEXT_ADMIN')) { declare(strict_types=1);
return null;
}
dcCore::app()->menu[dcAdmin::MENU_PLUGINS]->addItem( namespace Dotclear\Plugin\httpPassword;
__('Http password'),
dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__)), use dcAuth;
urldecode(dcPage::getPF(basename(__DIR__) . '/icon.png')), use dcAdmin;
preg_match('/' . preg_quote(dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__))) . '(&.*)?$/', $_SERVER['REQUEST_URI']), use dcCore;
dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([ use dcPage;
dcAuth::PERMISSION_USAGE, use dcNsProcess;
initHttpPassword::PERMISSION,
]), dcCore::app()->blog->id) class Backend extends dcNsProcess
); {
public static function init(): bool
{
self::$init = defined('DC_CONTEXT_ADMIN');
return self::$init;
}
public static function process(): bool
{
if (!self::$init) {
return false;
}
dcCore::app()->menu[dcAdmin::MENU_PLUGINS]->addItem(
My::name(),
dcCore::app()->adminurl->get('admin.plugin.' . My::id()),
dcPage::getPF(My::id() . '/icon.png'),
preg_match('/' . preg_quote(dcCore::app()->adminurl->get('admin.plugin.' . My::id())) . '(&.*)?$/', $_SERVER['REQUEST_URI']),
dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcAuth::PERMISSION_USAGE,
My::PERMISSION,
]), dcCore::app()->blog->id)
);
return true;
}
}
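Review bot: In `process()`, the active-item test calls `preg_quote(...)` without a delimiter argument, so a `/` in the admin URL would not be escaped and would end the pattern early. Pass the delimiter: `preg_quote(dcCore::app()->adminurl->get('admin.plugin.' . My::id()), '/')`. The same line reads `$_SERVER['REQUEST_URI']` without checking that it is set. With `declare(strict_types=1)` now in force, a missing value reaches `preg_match()` as null and is no longer coerced, so `$_SERVER['REQUEST_URI'] ?? ''` is the safer operand.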


@ -10,56 +10,81 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!dcCore::app()->blog->settings->get(basename(__DIR__))->get('active')) { declare(strict_types=1);
return null;
}
dcCore::app()->addBehavior('publicPrependV2', function (): void { namespace Dotclear\Plugin\httpPassword;
$PHP_AUTH_USER = $PHP_AUTH_PW = '';
if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) { use dcCore;
$PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER']; use dcLog;
$PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW']; use dcNsProcess;
} elseif (isset($_ENV['REMOTE_USER'])) {
[$PHP_AUTH_PW, $PHP_AUTH_USER] = explode(' ', $_ENV['REMOTE_USER'], 2); class Frontend extends dcNsProcess
[$PHP_AUTH_USER, $PHP_AUTH_PW] = explode(':', base64_decode($PHP_AUTH_USER)); {
} public static function init(): bool
if ($PHP_AUTH_PW === '' or $PHP_AUTH_USER === '') { {
httpPassword::sendHttp401(); self::$init = defined('DC_RC_PATH');
return self::$init;
} }
if (!is_file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD)) { public static function process(): bool
header('HTTP/1.0 500 Internal Server Error'); {
echo 'httpPassword plugin is not well configured.'; if (!self::$init || !Utils::isActive()) {
exit(1); return false;
}
$htpasswd = file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$authenticated = false;
foreach ($htpasswd as $ligne) {
[$cur_user, $cur_pass] = explode(':', trim($ligne), 2);
if ($cur_user == $PHP_AUTH_USER and crypt($PHP_AUTH_PW, $cur_pass) == $cur_pass) {
$authenticated = true;
} }
if ($authenticated) {
break; dcCore::app()->addBehavior('publicPrependV2', function (): void {
} $PHP_AUTH_USER = $PHP_AUTH_PW = '';
}
unset($htpasswd); if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) {
if (!$authenticated) { $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
httpPassword::sendHttp401(); $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
} else { } elseif (isset($_ENV['REMOTE_USER'])) {
$logs = dcCore::app()->log->getLogs(['log_table' => basename(__DIR__), 'log_msg' => $PHP_AUTH_USER]); [$PHP_AUTH_PW, $PHP_AUTH_USER] = explode(' ', $_ENV['REMOTE_USER'], 2);
if (!$logs->isEmpty()) { [$PHP_AUTH_USER, $PHP_AUTH_PW] = explode(':', base64_decode($PHP_AUTH_USER));
$ids = [];
while ($logs->fetch()) {
$ids[] = $logs->__get('log_id');
} }
$logs = dcCore::app()->log->delLogs($ids); if ($PHP_AUTH_PW === '' or $PHP_AUTH_USER === '') {
} Utils::sendHttp401();
$cursor = dcCore::app()->con->openCursor(dcCore::app()->prefix . dcLog::LOG_TABLE_NAME); }
$cursor->__set('log_table', basename(__DIR__));
$cursor->__set('log_msg', $PHP_AUTH_USER); if (!is_file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD)) {
dcCore::app()->log->addLog($cursor); header('HTTP/1.0 500 Internal Server Error');
echo 'httpPassword plugin is not well configured.';
exit(1);
}
$htpasswd = file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$authenticated = false;
if ($htpasswd !== false) {
foreach ($htpasswd as $ligne) {
[$cur_user, $cur_pass] = explode(':', trim($ligne), 2);
if ($cur_user == $PHP_AUTH_USER and crypt($PHP_AUTH_PW, $cur_pass) == $cur_pass) {
$authenticated = true;
}
if ($authenticated) {
break;
}
}
}
unset($htpasswd);
if (!$authenticated) {
Utils::sendHttp401();
} else {
$logs = dcCore::app()->log->getLogs(['log_table' => My::id(), 'log_msg' => $PHP_AUTH_USER]);
if (!$logs->isEmpty()) {
$ids = [];
while ($logs->fetch()) {
$ids[] = (int) $logs->f('log_id');
}
$logs = dcCore::app()->log->delLogs($ids);
}
$cursor = dcCore::app()->con->openCursor(dcCore::app()->prefix . dcLog::LOG_TABLE_NAME);
$cursor->setField('log_table', My::id());
$cursor->setField('log_msg', $PHP_AUTH_USER);
dcCore::app()->log->addLog($cursor);
}
});
return true;
} }
}); }
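Review bot: The credential check in the `publicPrependV2` closure still uses loose `==` for both the user name and the hash (`$cur_user == $PHP_AUTH_USER and crypt($PHP_AUTH_PW, $cur_pass) == $cur_pass`), which permits numeric-string coercion and is not constant-time. Prefer `if ($cur_user === $PHP_AUTH_USER && hash_equals($cur_pass, crypt($PHP_AUTH_PW, $cur_pass)))`. Also skip any file line where `explode(':', trim($ligne), 2)` yields fewer than two parts, because under strict types a missing `$cur_pass` would reach `crypt()` as null. In the `REMOTE_USER` branch, `explode(':', base64_decode($PHP_AUTH_USER))` has no limit, so a password containing `:` is truncated; a limit of 2 would match how the file lines are split.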


@ -10,28 +10,41 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!defined('DC_CONTEXT_ADMIN')) { declare(strict_types=1);
return;
}
try { namespace Dotclear\Plugin\httpPassword;
// Check versions
if (!dcCore::app()->newVersion( use dcCore;
basename(__DIR__), use dcNsProcess;
dcCore::app()->plugins->moduleInfo(basename(__DIR__), 'version') use Exception;
)) {
return null; class Install extends dcNsProcess
{
public static function init(): bool
{
self::$init = defined('DC_CONTEXT_ADMIN') && dcCore::app()->newVersion(My::id(), dcCore::app()->plugins->moduleInfo(My::id(), 'version'));
return self::$init;
} }
// Set settings public static function process(): bool
$s = dcCore::app()->blog->settings->get(basename(__DIR__)); {
$s->put('active', false, 'boolean', 'Enable plugin', false, false); if (!self::$init) {
$s->put('crypt', 'crypt_md5', 'string', 'Crypt algorithm', false, false); return false;
$s->put('message', 'Private space', 'String', 'Personalized message on Authentication popup', false, false); }
return true; try {
} catch (Exception $e) { // Set settings
dcCore::app()->error->add($e->getMessage()); $s = dcCore::app()->blog->settings->get(My::id());
$s->put('active', false, 'boolean', 'Enable plugin', false, false);
$s->put('crypt', 'crypt_md5', 'string', 'Crypt algorithm', false, false);
$s->put('message', 'Private space', 'String', 'Personalized message on Authentication popup', false, false);
return true;
} catch (Exception $e) {
dcCore::app()->error->add($e->getMessage());
}
return true;
}
} }
return false;
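Review bot: As rendered, `process()` falls through to `return true;` after the `catch` block, so a failure while writing the default settings is reported as a successful install, whereas the removed script ended with `return false;`. Return `false` on that path, e.g. `dcCore::app()->error->add($e->getMessage()); return false;`. Separately, the default for `crypt` stays `'crypt_md5'`. A stronger entry from the combo, such as `'crypt_sha512'` or `'crypt_blowfish'`, would be a safer starting value, but confirm against `Utils::crypt()`, whose body is not fully visible on this page.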


@ -10,270 +10,342 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!defined('DC_CONTEXT_ADMIN')) { declare(strict_types=1);
return null;
}
$s = dcCore::app()->blog->settings->get(basename(__DIR__)); namespace Dotclear\Plugin\httpPassword;
$pwd_file = dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD;
$action = $_POST['action'] ?? '';
$redir = $_REQUEST['redir'] ?? '';
$part = $_REQUEST['part'] ?? 'settings';
$passwords = [];
$writable = httpPassword::isWritable();
$section_menu = [
__('Settings') => 'settings',
__('Logins history') => 'logins',
__('Authorized users') => 'passwords',
];
if (!in_array($part, $section_menu) || !$writable) { use dcCore;
$part = 'settings'; use dcNsProcess;
} use dcPage;
if (empty($redir)) { use Dotclear\Helper\Html\Html;
$redir = dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => $part]); use Dotclear\Helper\Html\Form\{
} Checkbox,
if (!$writable) { Div,
dcAdminNotices::addWarningNotice( Form,
__('No write permissions on blogs directories.') Hidden,
); Input,
} Label,
Note,
Para,
Select,
Submit,
Text
};
use dt;
if ('passwords' == $part) { /**
$lines = file($pwd_file); * Manage contributions list
if (!is_array($lines)) { */
$lines = []; class Manage extends dcNsProcess
} {
sort($lines); public static function init(): bool
foreach ($lines as $line) { {
[$login, $pwd] = explode(':', $line, 2); if (defined('DC_CONTEXT_ADMIN')) {
$passwords[trim($login)] = trim($pwd); dcPage::check(dcCore::app()->auth->makePermissions([
} My::PERMISSION,
unset($lines); ]));
}
if ('savesettings' == $action) { self::$init = true;
$s->put('active', !empty($_POST['active']));
$s->put('crypt', in_array((string) $_POST['crypt'], httpPassword::getCryptCombo()) ? $_POST['crypt'] : 'paintext');
$s->put('message', (string) $_POST['message']);
dcCore::app()->blog->triggerBlog();
dcAdminNotices::addSuccessNotice(
__('Settings successfully updated.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . basename(__DIR__),
['part' => $part]
);
}
if ('savelogins' == $action) {
$logs = dcCore::app()->log->getLogs(['log_table' => basename(__DIR__)]);
if (!$logs->isEmpty()) {
$ids = [];
while ($logs->fetch()) {
$ids[] = $logs->__get('log_id');
} }
$logs = dcCore::app()->log->delLogs($ids);
dcAdminNotices::addSuccessNotice( return self::$init;
__('Logs successfully cleared.') }
public static function process(): bool
{
if (!self::$init) {
return false;
}
if (!Utils::isWritable()) {
dcPage::addWarningNotice(
__('No write permissions on blogs directories.')
);
}
$part = self::getSection();
$action = $_POST['action'] ?? '';
if (empty($action)) {
return true;
}
if ('savesettings' == $action) {
$s = dcCore::app()->blog->settings->get(My::id());
$s->put('active', !empty($_POST['active']));
$s->put('crypt', in_array((string) $_POST['crypt'], My::cryptCombo()) ? $_POST['crypt'] : 'paintext');
$s->put('message', (string) $_POST['message']);
dcCore::app()->blog->triggerBlog();
dcPage::addSuccessNotice(
__('Settings successfully updated.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . My::id(),
['part' => $part]
);
}
if ('savelogins' == $action) {
$logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
if (!$logs->isEmpty()) {
$ids = [];
while ($logs->fetch()) {
$ids[] = $logs->__get('log_id');
}
$logs = dcCore::app()->log->delLogs($ids);
dcPage::addSuccessNotice(
__('Logs successfully cleared.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . My::id(),
['part' => $part]
);
}
}
if ('savepasswords' == $action) {
$passwords = self::getPasswords();
$lines = [];
if (!empty($_POST['login']) && !empty($_POST['password'])) {
$lines[$_POST['login']] = Utils::crypt($_POST['password']);
}
foreach ($passwords as $l => $p) {
// add login
if (array_key_exists($l, $lines)) {
continue;
}
// delete login
if (!empty($_POST['delete']) && array_key_exists($l, $_POST['delete'])) {
continue;
}
// change password
if (!empty($_POST['edit']) && array_key_exists($l, $_POST['edit'])
&& !empty($_POST['newpassword']) && array_key_exists($l, $_POST['newpassword'])
) {
$lines[$l] = Utils::crypt($_POST['newpassword'][$l]);
} else {
$lines[$l] = $p;
}
}
$contents = '';
foreach ($lines as $l => $p) {
$contents .= sprintf("%s:%s\r\n", $l, $p);
}
file_put_contents(Utils::passwordFile(), $contents);
dcCore::app()->blog->triggerBlog();
dcPage::addSuccessNotice(
__('Logins successfully updated.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . My::id(),
['part' => $part]
);
}
return true;
}
public static function render(): void
{
if (!self::$init) {
return;
}
$part = self::getSection();
dcPage::openModule(
My::name(),
dcPage::jsPageTabs() .
dcPage::jsModuleLoad(My::id() . '/js/backend.js')
); );
dcCore::app()->adminurl->redirect(
'admin.plugin.' . basename(__DIR__),
['part' => $part]
);
}
}
if ('savepasswords' == $action) {
$lines = [];
if (!empty($_POST['login']) && !empty($_POST['password'])) {
$lines[$_POST['login']] = httpPassword::crypt($_POST['password']);
}
foreach ($passwords as $l => $p) {
// add login
if (array_key_exists($l, $lines)) {
continue;
}
// delete login
if (!empty($_POST['delete']) && array_key_exists($l, $_POST['delete'])) {
continue;
}
// change password
if (!empty($_POST['edit']) && array_key_exists($l, $_POST['edit'])
&& !empty($_POST['newpassword']) && array_key_exists($l, $_POST['newpassword'])
) {
$lines[$l] = httpPassword::crypt($_POST['newpassword'][$l]);
} else {
$lines[$l] = $p;
}
}
$contents = '';
foreach ($lines as $l => $p) {
$contents .= sprintf("%s:%s\r\n", $l, $p);
}
file_put_contents($pwd_file, $contents);
dcCore::app()->blog->triggerBlog();
dcAdminNotices::addSuccessNotice(
__('Logins successfully updated.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . basename(__DIR__),
['part' => $part]
);
}
echo
'<html><head><title>' . __('Http password') . '</title>' .
dcPage::jsPageTabs() .
dcPage::jsModuleLoad(basename(__DIR__) . '/js/index.js') .
'</head><body>' .
dcPage::breadcrumb([
__('Plugins') => '',
__('Http password') => dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__)),
array_search($part, $section_menu) => '',
]) .
dcPage::notices() .
# Filters select menu list
'<form method="get" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__)) . '" id="section_menu">' .
'<p class="anchor-nav"><label for="part" class="classic">' . __('Select section:') . ' </label>' .
form::combo('part', $section_menu, $part) . ' ' .
'<input type="submit" value="' . __('Ok') . '" />' .
form::hidden('p', basename(__DIR__)) . '</p>' .
'</form>' .
'<h3>' . array_search($part, $section_menu) . '</h3>';
if ('settings' == $part) {
echo '
<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => 'settings']) . '">
<p><label for="active">' .
form::checkbox('active', '1', (bool) $s->get('active')) .
__('Enable http password protection on this blog') . '</label></p>
<p><label for="crypt">' . __('Crypt algorithm:') . '</label> ' .
form::combo('crypt', httpPassword::getCryptCombo(), (string) $s->get('crypt')) . '</p>
<p class="form-note">' .
__('Some web servers does not surpport plaintext (no) encryption.') . ' ' .
__('If you change crypt algo, you must edit and resave each users passwords.') .
'</p>
<p><label for="message">' . __('Authentication message:') . '</label>' .
form::field('message', 60, 255, html::escapeHTML((string) $s->get('message'))) . '
</p>
<div class="clear">
<p>' .
dcCore::app()->formNonce() .
form::hidden(['action'], 'savesettings') .
form::hidden(['part'], $part) . '
<input type="submit" name="save" value="' . __('Save') . '" />
</p></form>';
}
if ('logins' == $part) {
$logs = dcCore::app()->log->getLogs(['log_table' => basename(__DIR__)]);
if ($logs->isEmpty()) {
echo echo
'<p>' . __('Logins history is empty.') . '</p>'; dcPage::breadcrumb([
} else { __('Plugins') => '',
echo ' My::name() => dcCore::app()->adminurl->get('admin.plugin.' . My::id()),
<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => 'logins']) . '"> array_search($part, My::sectionCombo()) => '',
<p>' . ]) .
dcCore::app()->formNonce() . dcPage::notices() .
form::hidden(['action'], 'savelogins') .
form::hidden(['part'], $part) . '
<input type="submit" name="save" value="' . __('Clear logs') . '" />
</p></form>' .
'<div class="table-outer"><table>' . # Filters select menu list
'<caption>' . sprintf(__('List of %s last logins.'), $logs->count()) . '</caption>' . (new Form('section_menu'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id()))->method('get')->fields([
'<thead><tr>' . (new Para())->class('anchor-nav')->items([
'<th scope="col" class="first">' . __('Login') . '</th>' . (new Label(__('Select section:')))->for('part')->class('classic'),
'<th scope="col">' . __('Date') . '</th>' . (new Select('part'))->default($part)->items(My::sectionCombo()),
'</tr></thead<tbody>'; (new Submit(['go']))->value(__('Ok')),
(new Hidden(['p'], My::id())),
]),
])->render() .
while ($logs->fetch()) { '<h3>' . array_search($part, My::sectionCombo()) . '</h3>';
if ('settings' == $part) {
echo echo
'<tr class="line">' . (new Form('section_settings'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => 'settings']))->method('post')->fields([
'<td class="nowrap maximal">' . html::escapeHTML($logs->__get('log_msg')) . '</td>' . // active
'<td class="nowrap count">' . html::escapeHTML(dt::dt2str(__('%Y-%m-%d %H:%M'), $logs->__get('log_dt'))) . '</td>' . (new Para())->items([
'</tr>'; (new Checkbox('active', Utils::isActive()))->value(1),
(new Label(__('Enable http password protection on this blog'), Label::OUTSIDE_LABEL_AFTER))->for('active')->class('classic'),
]),
// crypt
(new Para())->items([
(new Label(__('Crypt algorithm:'), Label::OUTSIDE_LABEL_BEFORE))->for('crypt')->class('classic'),
(new Select('crypt'))->default(Utils::cryptMethod())->items(My::cryptCombo()),
]),
(new Note())->text(__('Some web servers does not surpport plaintext (no) encryption.'))->class('form-note'),
(new Note())->text(__('If you change crypt algo, you must edit and resave each users passwords.'))->class('form-note'),
// message
(new Para())->items([
(new Label(__('Authentication message:')))->for('message'),
(new Input('message'))->size(60)->maxlenght(255)->value(Utils::httpMessage()),
]),
(new Div())->class('clear')->items([
(new Submit(['save']))->value(__('Save')),
(new Hidden(['action'], 'savesettings')),
(new Hidden(['part'], $part)),
(new Text('', dcCore::app()->formNonce())),
]),
])->render();
} }
echo if ('logins' == $part) {
'</table></div>'; $logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
} if ($logs->isEmpty()) {
} echo
'<p>' . __('Logins history is empty.') . '</p>';
} else {
echo
(new Form('section_logins'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => 'logins']))->method('post')->fields([
(new Para())->items([
(new Submit(['save']))->value(__('Clear logs')),
(new Hidden(['action'], 'savelogins')),
(new Hidden(['part'], $part)),
(new Text('', dcCore::app()->formNonce())),
]),
])->render() .
if ('passwords' == $part) { '<div class="table-outer"><table>' .
if (empty($passwords)) { '<caption>' . sprintf(__('List of %s last logins.'), $logs->count()) . '</caption>' .
echo '<thead><tr>' .
'<p>' . __('Authorized users list is empty.') . '</p>'; '<th scope="col" class="first">' . __('Login') . '</th>' .
} else { '<th scope="col">' . __('Date') . '</th>' .
echo '</tr></thead<tbody>';
'<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => $part]) . '">' .
'<div class="table-outer"><table>' . while ($logs->fetch()) {
'<caption>' . sprintf(__('List of %s authorized users.'), count($passwords)) . '</caption>' . echo
'<thead><tr>' . '<tr class="line">' .
'<th scope="col" class="first nowrap">' . __('Login') . '</th>' . '<td class="nowrap maximal">' . Html::escapeHTML($logs->f('log_msg')) . '</td>' .
'<th scope="col" class="first nowrap">' . __('New password') . '</th>' . '<td class="nowrap count">' . Html::escapeHTML(dt::dt2str(__('%Y-%m-%d %H:%M'), $logs->f('log_dt'))) . '</td>' .
'<th scope="col" class="nowrap">' . __('Action') . '</th>' . '</tr>';
'</tr></thead<tbody>'; }
echo
'</table></div>';
}
}
if ('passwords' == $part) {
$passwords = self::getPasswords();
if (empty($passwords)) {
echo
'<p>' . __('Authorized users list is empty.') . '</p>';
} else {
$lines = '';
foreach ($passwords as $login => $pwd) {
$lines .= '<tr class="line">' .
'<td class="nowrap maximal">' .
Html::escapeHTML($login) .
'</td>' .
'<td class="nowrap">' .
(new Input(['newpassword[' . Html::escapeHTML($login) . ']']))->size(60)->maxlenght(255)->render() .
'</td>' .
'<td class="nowrap">' .
(new Submit(['edit[' . Html::escapeHTML($login) . ']']))->value(__('Change password'))->render() .
(new Submit(['delete[' . Html::escapeHTML($login) . ']']))->value(__('Delete'))->class('delete')->render() .
'</td>' .
'</tr>';
}
echo
(new Form('section_passwords'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => $part]))->method('post')->fields([
(new Text(
'',
'<div class="table-outer"><table>' .
'<caption>' . sprintf(__('List of %s authorized users.'), count($passwords)) . '</caption>' .
'<thead><tr>' .
'<th scope="col" class="first nowrap">' . __('Login') . '</th>' .
'<th scope="col" class="first nowrap">' . __('New password') . '</th>' .
'<th scope="col" class="nowrap">' . __('Action') . '</th>' .
'</tr></thead<tbody>' .
$lines .
'</table></div>'
)),
(new Para())->items([
(new Hidden(['action'], 'savepasswords')),
(new Hidden(['part'], $part)),
(new Text('', dcCore::app()->formNonce())),
]),
])->render();
}
foreach ($passwords as $login => $pwd) {
echo echo
'<tr class="line">' . (new Form('section_new'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => $part]))->method('post')->fields([
'<td class="nowrap maximal">' . (new Text('h3', Html::escapeHTML(__('Add a user')))),
html::escapeHTML($login) . // login
'</td>' . (new Para())->items([
'<td class="nowrap">' . (new Label(__('Login:')))->for('login'),
form::field(['newpassword[' . html::escapeHTML($login) . ']'], 60, 255, '') . (new Input('login'))->size(60)->maxlenght(255),
'</td>' . ]),
'<td class="nowrap">' . // password
'<input type="submit" name="edit[' . html::escapeHTML($login) . ']" value="' . __('Change password') . '" /> ' . (new Para())->items([
'<input type="submit" class="delete" name="delete[' . html::escapeHTML($login) . ']" value="' . __('Delete') . '" />' . (new Label(__('Password:')))->for('password'),
'</td>' . (new Input('password'))->size(60)->maxlenght(255),
'</tr>'; ]),
(new Para())->items([
(new Submit(['add']))->value(__('Save')),
(new Hidden(['action'], 'savepasswords')),
(new Hidden(['part'], $part)),
(new Text('', dcCore::app()->formNonce())),
]),
])->render();
} }
echo dcPage::closeModule();
'</table></div>
<p>' .
dcCore::app()->formNonce() .
form::hidden(['action'], 'savepasswords') .
form::hidden(['part'], $part) . '
</p></form>';
} }
echo ' private static function getSection(): string
<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => $part]) . '"> {
<h3>' . __('Add a user') . '</h3> $part = $_REQUEST['part'] ?? 'settings';
if (!in_array($part, My::sectionCombo()) || !Utils::isWritable()) {
$part = 'settings';
}
<p><label for="login">' . __('Login:') . '</label>' . return $part;
form::field('login', 60, 255, '') . ' }
</p>
<p><label for="password">' . __('Password:') . '</label>' . private static function getPasswords(): array
form::field('password', 60, 255, '') . ' {
</p> $passwords = [];
$lines = file(Utils::passwordFile());
if (!is_array($lines)) {
$lines = [];
}
sort($lines);
foreach ($lines as $line) {
[$login, $pwd] = explode(':', $line, 2);
$passwords[trim($login)] = trim($pwd);
}
unset($lines);
<p>' . return $passwords;
dcCore::app()->formNonce() . }
form::hidden(['action'], 'savepasswords') .
form::hidden(['part'], $part) . '
<input type="submit" name="add" value="' . __('Save') . '" />
</p></form>';
} }
echo
'</body></html>';
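Review bot: In `process()`, the `savepasswords` branch writes `$_POST['login']` into the password file unchanged through `sprintf("%s:%s\r\n", $l, $p)`, so a login containing `:`, CR or LF alters how `getPasswords()` and the frontend check split the file afterwards. Reject such values before they are added to `$lines`, using a test like `preg_match('/[:\r\n]/', (string) $_POST['login'])`, and show a notice instead of saving. In `savesettings`, the fallback for an unrecognised value is `'paintext'`, which is not one of the values in `My::cryptCombo()`. What `Utils::crypt()` does with it is not visible here, so keep the current setting when the posted value is invalid, and pass `true` as the third argument of `in_array()`. The return value of `file_put_contents(Utils::passwordFile(), $contents)` is also ignored, so a failed write is still followed by the success notice.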

70
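--- /dev/null
+++ b/src/My.php
@@ -0,0 +1,70 @@
+<?php
+/**
+* @brief httpPassword, a plugin for Dotclear 2
+*
+* @package Dotclear
+* @subpackage Plugin
+*
+* @author Frederic PLE and contributors
+*
+* @copyright Jean-Christian Denis
+* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
+*/
+declare(strict_types=1);
+namespace Dotclear\Plugin\httpPassword;
+use dcCore;
+class My
+{
+/** @var string This plugin permissions */
+public const PERMISSION = 'httpPassword';
+/** @var string Passwords file name */
+public const FILE_PASSWORD = '.htpasswd';
+/**
+* This module id
+*/
+public static function id(): string
+{
+return basename(dirname(__DIR__));
+}
+/**
+* This module name
+*/
+public static function name(): string
+{
+return __((string) dcCore::app()->plugins->moduleInfo(self::id(), 'name'));
+}
+/**
+* Encryption methods combo
+*/
+public static function cryptCombo(): array
+{
+return [
+__('No encryption') => 'plaintext',
+__('Crypt DES standard') => 'crypt_std_des',
+__('Crypt DES étendu') => 'crypt_ext_des',
+__('Crypt MD5') => 'crypt_md5',
+__('Crypt Blowfish') => 'crypt_blowfish',
+__('Crypt SHA256') => 'crypt_sha256',
+__('Crypt SHA512') => 'crypt_sha512',
+];
+}
+/**
+* Admin section menu
+*/
+public static function sectionCombo(): array
+{
+return [
+__('Settings') => 'settings',
+__('Logins history') => 'logins',
+__('Authorized users') => 'passwords',
+];
+}
+}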
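Review bot: `FILE_PASSWORD` is joined to the blog's public path by `Utils::passwordFile()` in this commit, so whether the stored credentials can be fetched over HTTP depends on the web server refusing dotfiles. A comment on the constant stating that requirement would help operators. `cryptCombo()` also still offers `plaintext`, `crypt_std_des` and `crypt_ext_des`, which makes exposure of that file more costly; consider marking them as legacy in the labels. Both combo methods are typed only as `array`; a docblock such as `@return array<string, string>` would record that the translated label is the key and the stored value is the element.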


@ -10,15 +10,33 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!defined('DC_RC_PATH')) { declare(strict_types=1);
return null;
namespace Dotclear\Plugin\httpPassword;
use dcCore;
use dcNsProcess;
class Prepend extends dcNsProcess
{
public static function init(): bool
{
self::$init = true;
return self::$init;
}
public static function process(): bool
{
if (!self::$init) {
return false;
}
dcCore::app()->auth->setPermissionType(
My::PERMISSION,
__('Manage http password blog protection')
);
return true;
}
} }
Clearbricks::lib()->autoload([
'httpPassword' => implode(DIRECTORY_SEPARATOR, [__DIR__, 'inc', 'class.httppassword.php']),
]);
dcCore::app()->auth->setPermissionType(
initHttpPassword::PERMISSION,
__('Manage http password blog protection')
);
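Review bot: `init()` now sets `self::$init = true` unconditionally, whereas the removed script returned early unless `DC_RC_PATH` was defined, and `Frontend::init()` in this commit still tests that constant. Keeping the guard, `self::$init = defined('DC_RC_PATH');`, makes the permission registration in `process()` depend on the same bootstrap condition as the other processes.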


@ -10,20 +10,20 @@
* @copyright Jean-Christian Denis * @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
if (!defined('DC_RC_PATH')) { declare(strict_types=1);
return null;
}
class httpPassword namespace Dotclear\Plugin\httpPassword;
use dcCore;
class Utils
{ {
public static function id(): string /**
{ * Crypt password
return basename(dirname(__DIR__)); */
}
public static function crypt(?string $secret): string public static function crypt(?string $secret): string
{ {
switch (dcCore::app()->blog->settings->get(self::id())->get('crypt')) { switch (self::cryptMethod()) {
case 'plaintext': case 'plaintext':
$saltlen = -1; $saltlen = -1;
$salt = ''; $salt = '';
@ -75,9 +75,44 @@ class httpPassword
return($secret); return($secret);
} }
/**
* Setting: active
*/
public static function isActive(): bool
{
return (bool) dcCore::app()->blog->settings->get(My::id())->get('active');
}
/**
* Setting: crypt
*/
public static function cryptMethod(): string
{
return (string) dcCore::app()->blog->settings->get(My::id())->get('crypt');
}
/**
* Setting: message
*/
public static function httpMessage(): string
{
return (string) dcCore::app()->blog->settings->get(My::id())->get('message');
}
/**
* Get passwords file path
*/
public static function passwordFile(): string
{
return dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD;
}
/**
* Check passwords file
*/
public static function isWritable(): bool public static function isWritable(): bool
{ {
if (false === ($fp = fopen(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD, 'a+'))) { if (false === ($fp = fopen(self::passwordFile(), 'a+'))) {
return false; return false;
} }
fclose($fp); fclose($fp);
@ -85,23 +120,13 @@ class httpPassword
return true; return true;
} }
public static function getCryptCombo(): array /**
{ * Send HTTP message
return [ */
__('No encryption') => 'plaintext',
__('Crypt DES standard') => 'crypt_std_des',
__('Crypt DES étendu') => 'crypt_ext_des',
__('Crypt MD5') => 'crypt_md5',
__('Crypt Blowfish') => 'crypt_blowfish',
__('Crypt SHA256') => 'crypt_sha256',
__('Crypt SHA512') => 'crypt_sha512',
];
}
public static function sendHttp401(): void public static function sendHttp401(): void
{ {
header('HTTP/1.1 401 Unauthorized'); header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="' . utf8_decode(htmlspecialchars_decode(dcCore::app()->blog->settings->get(self::id())->get('message'))) . '"'); header('WWW-Authenticate: Basic realm="' . utf8_decode(htmlspecialchars_decode(self::httpMessage())) . '"');
exit(0); exit(0);
} }
} }
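Review bot: `sendHttp401()` places the `message` setting inside the quoted `realm` value without escaping, so a `"` or `\` in the message yields a malformed `WWW-Authenticate` header. Escape it before concatenation, e.g. `addcslashes($realm, '"\\')`. `utf8_decode()` is deprecated as of PHP 8.2; where mbstring is available, `mb_convert_encoding($realm, 'ISO-8859-1', 'UTF-8')` is the usual replacement. `isWritable()` opens the file with `'a+'`, which creates an empty password file as a side effect of the check; a comment saying so would be useful. The body of `crypt()` lies mostly outside the visible hunks.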