JcDenis/httpPassword
1
0
Fork 0
Code Issues Pull Requests Releases 3 Activity

Compare commits

base: JcDenis:master
Branches Tags
JcDenis:master
JcDenis:v1.5.1
JcDenis:v1.5
JcDenis:v1.4
..
compare: JcDenis:v1.4
Branches Tags
JcDenis:master
JcDenis:v1.5.1
JcDenis:v1.5
JcDenis:v1.4

No commits in common. "master" and "v1.4" have entirely different histories.
master ... v1.4

12 changed files with 249 additions and 216 deletions
Show Stats Expand all files Collapse all files

170
CHANGELOG.md
View File

@ -1,91 +1,79 @@
httpPassword 1.5.1 - 2023.11.04 httpPassword 1.4 - 2023.08.12
=========================================================== ===========================================================
* Require Dotclear 2.28 * Require Dotclear 2.27
* Require PHP 8.1 * Require PHP 7.4+
* Fix typo * Upgrade to Dotclear 2.27
* Remove custom permission, only admin can handle httpPassword
httpPassword 1.5 - 2023.10.17 * Move third party repository
=========================================================== * Use Dotclear style for CHANGELOG
* Require Dotclear 2.28
* Require PHP 8.1 httpPassword 1.3 - 2023.05.13
* Upgrade to Dotclear 2.28 ===========================================================
* require dotclear 2.26
httpPassword 1.4 - 2023.08.12 * fix type hint and nullsafe warnings
===========================================================
* Require Dotclear 2.27 httpPassword 1.2 - 2023.04.22
* Require PHP 7.4+ ===========================================================
* Upgrade to Dotclear 2.27 * require dotclear 2.26
* Remove custom permission, only admin can handle httpPassword * add plugin Uninstaller features
* Move third party repository * use latest dotclear namespace
* Use Dotclear style for CHANGELOG * fix static init
* fix permission
httpPassword 1.3 - 2023.05.13 * code doc and review
===========================================================
* require dotclear 2.26 httpPassword 1.1 - 2023.03.25
* fix type hint and nullsafe warnings ===========================================================
* require dotclear 2.26
httpPassword 1.2 - 2023.04.22 * use namespace
===========================================================
* require dotclear 2.26 httpPassword 1.0 - 2022.12.30
* add plugin Uninstaller features ===========================================================
* use latest dotclear namespace * update to dotclear 2.24
* fix static init * change settings names
* fix permission * remove debug mode
* code doc and review * use dcLog table for last logins
httpPassword 1.1 - 2023.03.25 httpPassword 0.5.10
=========================================================== ===========================================================
* require dotclear 2.26 * fix typo
* use namespace * fix for PHP 5.3 compliance
httpPassword 1.0 - 2022.12.30 httpPassword 0.5.9
=========================================================== ===========================================================
* update to dotclear 2.24 * fix bug in history page (PHP errors when history was empty)
* change settings names * add page "debug" in plugin page in order to get infos about hosting setup (when plugins fails to authenticate users)
* remove debug mode
* use dcLog table for last logins httpPassword 0.5
===========================================================
httpPassword 0.5.10 * deep rewrite : HTTP auth is not directly handled by apache anymore but by a dotclear behavior
=========================================================== * add support of multiblog installation (thanks to Stephanie "piloue" and Gabriel for being so patient and their helpfull tests)
* fix typo * add support PHP running as CGI (tested with OVH hosting services)
* fix for PHP 5.3 compliance * auto-detect crypt functions available and let user choose it
* HTTP auth is not required in order to access to blog admin
httpPassword 0.5.9 * plugin admin page with tabs
=========================================================== * plugin imported to dotclear lab
* fix bug in history page (PHP errors when history was empty)
* add page "debug" in plugin page in order to get infos about hosting setup (when plugins fails to authenticate users) Known issues : This plugin does not protect non-php files (images, css, js)
httpPassword 0.5 httpPassword 0.4
=========================================================== ===========================================================
* deep rewrite : HTTP auth is not directly handled by apache anymore but by a dotclear behavior * check filepermission when running
* add support of multiblog installation (thanks to Stephanie "piloue" and Gabriel for being so patient and their helpfull tests) * add free.fr support
* add support PHP running as CGI (tested with OVH hosting services)
* auto-detect crypt functions available and let user choose it httpPassword 0.3
* HTTP auth is not required in order to access to blog admin ===========================================================
* plugin admin page with tabs * add last connection tracker
* plugin imported to dotclear lab
httpPassword 0.2 - 2008.11.22
Known issues : This plugin does not protect non-php files (images, css, js) ===========================================================
* _install.php added
httpPassword 0.4 * password crypt function setting added
=========================================================== * password crypt function can be choose within trim, crypt, md5, sha1
* check filepermission when running * remonte crypt function added as rcrypt rmd5 and rsha1 : crypt function
* add free.fr support is called over http://frederic.ple.name/....
This feature can ensure plugin running on php restricted environment
httpPassword 0.3 (ex: OVH.COM)
===========================================================
* add last connection tracker httpPassword 0.1 : 2008-11-17
===========================================================
httpPassword 0.2 - 2008.11.22 * INITIAL public release
===========================================================
* _install.php added
* password crypt function setting added
* password crypt function can be choose within trim, crypt, md5, sha1
* remonte crypt function added as rcrypt rmd5 and rsha1 : crypt function
is called over http://frederic.ple.name/....
This feature can ensure plugin running on php restricted environment
(ex: OVH.COM)
httpPassword 0.1 : 2008-11-17
===========================================================
* INITIAL public release

31
README.md
View File

@ -1,22 +1,25 @@
# README # README
[![Release](https://img.shields.io/badge/release-1.5.1-a2cbe9.svg)](https://git.dotclear.watch/JcDenis/httpPassword/releases) [![Release](https://img.shields.io/badge/release-1.4-a2cbe9.svg)](https://git.dotclear.watch/JcDenis/httpPassword/releases)
![Date](https://img.shields.io/badge/date-2023.10.04-c44d58.svg) [![Date](https://img.shields.io/badge/date-2023.08.12-c44d58.svg)](https://git.dotclear.watch/JcDenis/httpPassword/releases)
[![Dotclear](https://img.shields.io/badge/dotclear-v2.27-137bbb.svg)](https://fr.dotclear.org/download) [![Dotclear](https://img.shields.io/badge/dotclear-v2.27-137bbb.svg)](https://fr.dotclear.org/download)
[![Dotaddict](https://img.shields.io/badge/dotaddict-official-9ac123.svg)](https://plugins.dotaddict.org/dc2/details/httpPassword) [![Dotaddict](https://img.shields.io/badge/dotaddict-official-9ac123.svg)](https://plugins.dotaddict.org/dc2/details/httpPassword)
[![License](https://img.shields.io/badge/license-GPL--2.0-ececec.svg)](https://git.dotclear.watch/JcDenis/httpPassword/src/branch/master/LICENSE) [![License](https://img.shields.io/github/license/JcDenis/httpPassword)](https://git.dotclear.watch/JcDenis/httpPassword/blob/master/LICENSE)
## ABOUT ## WHAT IS HTTPPASSWORD ?
_httpPassword_ is a plugin for the open-source web publishing software called [Dotclear](https://www.dotclear.org). _httpPassword_ is a plugin for the open-source
web publishing software called Dotclear.
> Help to manage .httppassword files to make a blog private. Its helps to manage .httppassword files to make a blog private.
## REQUIREMENTS ## REQUIREMENTS
* Dotclear 2.28 _httpPassword_ requires:
* PHP 8.1+
* Dotclear write permissions on blogs directories * Dotclear 2.27
* PHP 7.4+
* Write permissions on blogs directories
## USAGE ## USAGE
@ -27,14 +30,14 @@ Manage settings, last logins, authorized users from sidebar menu _Http password_
## LINKS ## LINKS
* [License](https://git.dotclear.watch/JcDenis/httpPassword/src/branch/master/LICENSE) * License : [GNU GPL v2](https://www.gnu.org/licenses/old-licenses/lgpl-2.0.html)
* [Packages & details](https://git.dotclear.watch/JcDenis/httpPassword/releases) (or on [Dotaddict](https://plugins.dotaddict.org/dc2/details/httpPassword)) * Source & contribution : [Gitea Page](https://git.dotclear.watch/JcDenis/httpPassword) or [GitHub Page](https://github.com/JcDenis/httpPassword)
* [Sources & contributions](https://git.dotclear.watch/JcDenis/httpPassword) (or on [GitHub](https://github.com/JcDenis/httpPassword)) * Packages & details: [Gitea Page](https://git.dotclear.watch/JcDenis/httpPassword/releases) or [Dotaddict Page](https://plugins.dotaddict.org/dc2/details/httpPassword)
* [Issues & security](https://git.dotclear.watch/JcDenis/httpPassword/issues) (or on [GitHub](https://github.com/JcDenis/httpPassword/issues)) * Discussion & Help: [Dotclear Forum](http://forum.dotclear.org/viewtopic.php?pid=331158)
## CONTRIBUTORS ## CONTRIBUTORS
* Frederic PLE (author) * Frederic PLE (author)
* Jean-Christian Denis (latest) * Jean-Christian Denis
You are welcome to contribute to this code. You are welcome to contribute to this code.

34
_define.php
View File

@ -1,30 +1,32 @@
<?php <?php
/** /**
* @file * @brief httpPassword, a plugin for Dotclear 2
* @brief The plugin httpPassword definition
* @ingroup httpPassword
* *
* @defgroup httpPassword Plugin httpPassword. * @package Dotclear
* @subpackage Plugin
* *
* Manage .htpasswd file to make the blog private. * @author Frederic PLE and contributors
* *
* @author Frederic PLE (author) * @copyright Jean-Christian Denis
* @author Jean-Christian Denis (latest) * @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
declare(strict_types=1); if (!defined('DC_RC_PATH')) {
return null;
}
$this->registerModule( $this->registerModule(
'Http password', 'Http password',
'Manage .htpasswd file to make the blog private', 'Manage .htpasswd file to make the blog private',
'Frederic PLE and contributors', 'Frederic PLE and contributors',
'1.5.1', '1.4',
[ [
'requires' => [['core', '2.28']], 'requires' => [['core', '2.27']],
'permissions' => 'My', 'permissions' => dcCore::app()->auth->makePermissions([
'type' => 'plugin', dcCore::app()->auth::PERMISSION_ADMIN,
'support' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/issues', ]),
'details' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/src/branch/master/README.md', 'type' => 'plugin',
'repository' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/raw/branch/master/dcstore.xml', 'support' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/issues',
'details' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/src/branch/master/README.md',
'repository' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/raw/branch/master/dcstore.xml',
] ]
); );

21
_init.php Normal file
View File

@ -0,0 +1,21 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
if (!defined('DC_RC_PATH')) {
return null;
}
class initHttpPassword
{
public const PERMISSION = 'httpPassword';
public const FILE_PASSWORD = '.htpasswd';
}

6
dcstore.xml
View File

@ -2,11 +2,11 @@
<modules xmlns:da="http://dotaddict.org/da/"> <modules xmlns:da="http://dotaddict.org/da/">
<module id="httpPassword"> <module id="httpPassword">
<name>Http password</name> <name>Http password</name>
<version>1.5.1</version> <version>1.4</version>
<author>Frederic PLE and contributors</author> <author>Frederic PLE and contributors</author>
<desc>Manage .htpasswd file to make the blog private</desc> <desc>Manage .htpasswd file to make the blog private</desc>
<file>https://git.dotclear.watch/JcDenis/httpPassword/releases/download/v1.5.1/plugin-httpPassword.zip</file> <file>https://git.dotclear.watch/JcDenis/httpPassword/releases/download/v1.4/plugin-httpPassword.zip</file>
<da:dcmin>2.28</da:dcmin> <da:dcmin>2.27</da:dcmin>
<da:details>https://git.dotclear.watch/JcDenis/httpPassword/src/branch/master/README.md</da:details> <da:details>https://git.dotclear.watch/JcDenis/httpPassword/src/branch/master/README.md</da:details>
<da:support>https://git.dotclear.watch/JcDenis/httpPassword/issues</da:support> <da:support>https://git.dotclear.watch/JcDenis/httpPassword/issues</da:support>
</module> </module>

20
src/Backend.php
View File

@ -1,19 +1,21 @@
<?php <?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1); declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword; namespace Dotclear\Plugin\httpPassword;
use Dotclear\Core\Process; use Dotclear\Core\Process;
/**
* @brief httpPassword backend class.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
class Backend extends Process class Backend extends Process
{ {
public static function init(): bool public static function init(): bool

42
src/Frontend.php
View File

@ -1,20 +1,23 @@
<?php <?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1); declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword; namespace Dotclear\Plugin\httpPassword;
use Dotclear\App; use dcCore;
use dcLog;
use Dotclear\Core\Process; use Dotclear\Core\Process;
/**
* @brief httpPassword frontend class.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
class Frontend extends Process class Frontend extends Process
{ {
public static function init(): bool public static function init(): bool
@ -29,8 +32,9 @@ class Frontend extends Process
} }
// check password on frontend // check password on frontend
App::behavior()->addBehavior('publicPrependV2', function (): void { dcCore::app()->addBehavior('publicPrependV2', function (): void {
if (!App::blog()->isDefined()) { // nullsafe
if (is_null(dcCore::app()->blog)) {
return; return;
} }
$PHP_AUTH_USER = $PHP_AUTH_PW = ''; $PHP_AUTH_USER = $PHP_AUTH_PW = '';
@ -40,19 +44,19 @@ class Frontend extends Process
$PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW']; $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
} elseif (isset($_ENV['REMOTE_USER'])) { } elseif (isset($_ENV['REMOTE_USER'])) {
[$PHP_AUTH_PW, $PHP_AUTH_USER] = explode(' ', $_ENV['REMOTE_USER'], 2); [$PHP_AUTH_PW, $PHP_AUTH_USER] = explode(' ', $_ENV['REMOTE_USER'], 2);
[$PHP_AUTH_USER, $PHP_AUTH_PW] = explode(':', base64_decode((string) $PHP_AUTH_USER)); [$PHP_AUTH_USER, $PHP_AUTH_PW] = explode(':', base64_decode($PHP_AUTH_USER));
} }
if ($PHP_AUTH_PW === '' or $PHP_AUTH_USER === '') { if ($PHP_AUTH_PW === '' or $PHP_AUTH_USER === '') {
Utils::sendHttp401(); Utils::sendHttp401();
} }
if (!is_file(App::blog()->publicPath() . DIRECTORY_SEPARATOR . My::FILE_PASSWORD)) { if (!is_file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD)) {
header('HTTP/1.0 500 Internal Server Error'); header('HTTP/1.0 500 Internal Server Error');
echo 'httpPassword plugin is not well configured.'; echo 'httpPassword plugin is not well configured.';
exit(1); exit(1);
} }
$htpasswd = file(App::blog()->publicPath() . DIRECTORY_SEPARATOR . My::FILE_PASSWORD, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $htpasswd = file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$authenticated = false; $authenticated = false;
if ($htpasswd !== false) { if ($htpasswd !== false) {
foreach ($htpasswd as $ligne) { foreach ($htpasswd as $ligne) {
@ -69,18 +73,18 @@ class Frontend extends Process
if (!$authenticated) { if (!$authenticated) {
Utils::sendHttp401(); Utils::sendHttp401();
} else { } else {
$logs = App::log()->getLogs(['log_table' => My::id(), 'log_msg' => $PHP_AUTH_USER]); $logs = dcCore::app()->log->getLogs(['log_table' => My::id(), 'log_msg' => $PHP_AUTH_USER]);
if (!$logs->isEmpty()) { if (!$logs->isEmpty()) {
$ids = []; $ids = [];
while ($logs->fetch()) { while ($logs->fetch()) {
$ids[] = is_numeric($logs->f('log_id')) ? (int) $logs->f('log_id') : 0; $ids[] = is_numeric($logs->f('log_id')) ? (int) $logs->f('log_id') : 0;
} }
App::log()->delLogs($ids); $logs = dcCore::app()->log->delLogs($ids);
} }
$cursor = App::log()->openLogCursor(); $cursor = dcCore::app()->con->openCursor(dcCore::app()->prefix . dcLog::LOG_TABLE_NAME);
$cursor->setField('log_table', My::id()); $cursor->setField('log_table', My::id());
$cursor->setField('log_msg', $PHP_AUTH_USER); $cursor->setField('log_msg', $PHP_AUTH_USER);
App::log()->addLog($cursor); dcCore::app()->log->addLog($cursor);
} }
}); });

24
src/Install.php
View File

@ -1,21 +1,23 @@
<?php <?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1); declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword; namespace Dotclear\Plugin\httpPassword;
use Dotclear\App; use dcCore;
use Dotclear\Core\Process; use Dotclear\Core\Process;
use Exception; use Exception;
/**
* @brief httpPassword install class.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
class Install extends Process class Install extends Process
{ {
public static function init(): bool public static function init(): bool
@ -38,7 +40,7 @@ class Install extends Process
return true; return true;
} catch (Exception $e) { } catch (Exception $e) {
App::error()->add($e->getMessage()); dcCore::app()->error->add($e->getMessage());
} }
return true; return true;

43
src/Manage.php
View File

@ -1,10 +1,20 @@
<?php <?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1); declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword; namespace Dotclear\Plugin\httpPassword;
use Dotclear\App; use dcCore;
use Dotclear\Core\Backend\{ use Dotclear\Core\Backend\{
Notices, Notices,
Page Page
@ -27,12 +37,7 @@ use Dotclear\Helper\Html\Form\{
}; };
/** /**
* @brief httpPassword manage class. * Manage contributions list
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
class Manage extends Process class Manage extends Process
{ {
@ -43,7 +48,7 @@ class Manage extends Process
public static function process(): bool public static function process(): bool
{ {
if (!self::status() || !App::blog()->isDefined()) { if (!self::status() || is_null(dcCore::app()->blog)) {
return false; return false;
} }
@ -66,7 +71,7 @@ class Manage extends Process
$s->put('crypt', in_array((string) $_POST['crypt'], My::cryptCombo()) ? $_POST['crypt'] : 'paintext'); $s->put('crypt', in_array((string) $_POST['crypt'], My::cryptCombo()) ? $_POST['crypt'] : 'paintext');
$s->put('message', (string) $_POST['message']); $s->put('message', (string) $_POST['message']);
App::blog()->triggerBlog(); dcCore::app()->blog->triggerBlog();
Notices::addSuccessNotice( Notices::addSuccessNotice(
__('Settings successfully updated.') __('Settings successfully updated.')
@ -77,13 +82,13 @@ class Manage extends Process
// delete users logins // delete users logins
if ('savelogins' == $action) { if ('savelogins' == $action) {
$logs = App::log()->getLogs(['log_table' => My::id()]); $logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
if (!$logs->isEmpty()) { if (!$logs->isEmpty()) {
$ids = []; $ids = [];
while ($logs->fetch()) { while ($logs->fetch()) {
$ids[] = $logs->__get('log_id'); $ids[] = $logs->__get('log_id');
} }
App::log()->delLogs($ids); $logs = dcCore::app()->log->delLogs($ids);
Notices::addSuccessNotice( Notices::addSuccessNotice(
__('Logs successfully cleared.') __('Logs successfully cleared.')
@ -125,7 +130,7 @@ class Manage extends Process
} }
file_put_contents(Utils::passwordFile(), $contents); file_put_contents(Utils::passwordFile(), $contents);
App::blog()->triggerBlog(); dcCore::app()->blog->triggerBlog();
Notices::addSuccessNotice( Notices::addSuccessNotice(
__('Logins successfully updated.') __('Logins successfully updated.')
@ -139,7 +144,7 @@ class Manage extends Process
public static function render(): void public static function render(): void
{ {
if (!self::status() || !App::blog()->isDefined()) { if (!self::status() || is_null(dcCore::app()->blog)) {
return; return;
} }
@ -190,7 +195,7 @@ class Manage extends Process
// message // message
(new Para())->items([ (new Para())->items([
(new Label(__('Authentication message:')))->for('message'), (new Label(__('Authentication message:')))->for('message'),
(new Input('message'))->size(60)->maxlength(255)->value(Utils::httpMessage()), (new Input('message'))->size(60)->maxlenght(255)->value(Utils::httpMessage()),
]), ]),
(new Div())->class('clear')->items([ (new Div())->class('clear')->items([
(new Submit(['save']))->value(__('Save')), (new Submit(['save']))->value(__('Save')),
@ -202,7 +207,7 @@ class Manage extends Process
// delete logins form // delete logins form
if ('logins' == $part) { if ('logins' == $part) {
$logs = App::log()->getLogs(['log_table' => My::id()]); $logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
if ($logs->isEmpty()) { if ($logs->isEmpty()) {
echo echo
'<p>' . __('Logins history is empty.') . '</p>'; '<p>' . __('Logins history is empty.') . '</p>';
@ -255,7 +260,7 @@ class Manage extends Process
Html::escapeHTML($login) . Html::escapeHTML($login) .
'</td>' . '</td>' .
'<td class="nowrap">' . '<td class="nowrap">' .
(new Input(['newpassword[' . Html::escapeHTML($login) . ']']))->size(60)->maxlength(255)->render() . (new Input(['newpassword[' . Html::escapeHTML($login) . ']']))->size(60)->maxlenght(255)->render() .
'</td>' . '</td>' .
'<td class="nowrap">' . '<td class="nowrap">' .
(new Submit(['edit[' . Html::escapeHTML($login) . ']']))->value(__('Change password'))->render() . (new Submit(['edit[' . Html::escapeHTML($login) . ']']))->value(__('Change password'))->render() .
@ -292,12 +297,12 @@ class Manage extends Process
// login // login
(new Para())->items([ (new Para())->items([
(new Label(__('Login:')))->for('login'), (new Label(__('Login:')))->for('login'),
(new Input('login'))->size(60)->maxlength(255), (new Input('login'))->size(60)->maxlenght(255),
]), ]),
// password // password
(new Para())->items([ (new Para())->items([
(new Label(__('Password:')))->for('password'), (new Label(__('Password:')))->for('password'),
(new Input('password'))->size(60)->maxlength(255), (new Input('password'))->size(60)->maxlenght(255),
]), ]),
(new Para())->items([ (new Para())->items([
(new Submit(['add']))->value(__('Save')), (new Submit(['add']))->value(__('Save')),

25
src/My.php
View File

@ -1,5 +1,15 @@
<?php <?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1); declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword; namespace Dotclear\Plugin\httpPassword;
@ -7,20 +17,11 @@ namespace Dotclear\Plugin\httpPassword;
use Dotclear\Module\MyPlugin; use Dotclear\Module\MyPlugin;
/** /**
* @brief httpPassword My helper. * This module definitions.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/ */
class My extends MyPlugin class My extends MyPlugin
{ {
/** /** @var string Passwords file name */
* Passwords file name.
*
* @var string FILE_PASSWORD
*/
public const FILE_PASSWORD = '.htpasswd'; public const FILE_PASSWORD = '.htpasswd';
/** /**

23
src/Uninstall.php
View File

@ -1,20 +1,23 @@
<?php <?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1); declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword; namespace Dotclear\Plugin\httpPassword;
use dcCore;
use Dotclear\Core\Process; use Dotclear\Core\Process;
use Dotclear\Plugin\Uninstaller\Uninstaller; use Dotclear\Plugin\Uninstaller\Uninstaller;
/**
* @brief httpPassword uninstall class.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
class Uninstall extends Process class Uninstall extends Process
{ {
public static function init(): bool public static function init(): bool
@ -24,7 +27,7 @@ class Uninstall extends Process
public static function process(): bool public static function process(): bool
{ {
if (!self::status()) { if (!self::status() || !dcCore::app()->plugins->moduleExists('Uninstaller')) {
return false; return false;
} }

26
src/Utils.php
View File

@ -1,19 +1,21 @@
<?php <?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1); declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword; namespace Dotclear\Plugin\httpPassword;
use Dotclear\App; use dcCore;
/**
* @brief httpPassword utils.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
class Utils class Utils
{ {
/** /**
@ -69,7 +71,7 @@ class Utils
if ($saltlen > 0) { if ($saltlen > 0) {
$salt .= substr( $salt .= substr(
sha1(App::nonce()->getNonce() . date('U')), sha1(dcCore::app()->getNonce() . date('U')),
2, 2,
$saltlen - strlen($salt) $saltlen - strlen($salt)
); );
@ -116,7 +118,7 @@ class Utils
*/ */
public static function passwordFile(): string public static function passwordFile(): string
{ {
return App::blog()->isDefined() ? App::blog()->publicPath() . DIRECTORY_SEPARATOR . My::FILE_PASSWORD : ''; return is_null(dcCore::app()->blog) ? '' : dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD;
} }
/** /**