Compare commits

..

No commits in common. "master" and "v1.4" have entirely different histories.
master ... v1.4

12 changed files with 249 additions and 216 deletions

View File

@ -1,15 +1,3 @@
httpPassword 1.5.1 - 2023.11.04
===========================================================
* Require Dotclear 2.28
* Require PHP 8.1
* Fix typo
httpPassword 1.5 - 2023.10.17
===========================================================
* Require Dotclear 2.28
* Require PHP 8.1
* Upgrade to Dotclear 2.28
httpPassword 1.4 - 2023.08.12
===========================================================
* Require Dotclear 2.27

View File

@ -1,22 +1,25 @@
# README
[![Release](https://img.shields.io/badge/release-1.5.1-a2cbe9.svg)](https://git.dotclear.watch/JcDenis/httpPassword/releases)
![Date](https://img.shields.io/badge/date-2023.10.04-c44d58.svg)
[![Release](https://img.shields.io/badge/release-1.4-a2cbe9.svg)](https://git.dotclear.watch/JcDenis/httpPassword/releases)
[![Date](https://img.shields.io/badge/date-2023.08.12-c44d58.svg)](https://git.dotclear.watch/JcDenis/httpPassword/releases)
[![Dotclear](https://img.shields.io/badge/dotclear-v2.27-137bbb.svg)](https://fr.dotclear.org/download)
[![Dotaddict](https://img.shields.io/badge/dotaddict-official-9ac123.svg)](https://plugins.dotaddict.org/dc2/details/httpPassword)
[![License](https://img.shields.io/badge/license-GPL--2.0-ececec.svg)](https://git.dotclear.watch/JcDenis/httpPassword/src/branch/master/LICENSE)
[![License](https://img.shields.io/github/license/JcDenis/httpPassword)](https://git.dotclear.watch/JcDenis/httpPassword/blob/master/LICENSE)
## ABOUT
## WHAT IS HTTPPASSWORD ?
_httpPassword_ is a plugin for the open-source web publishing software called [Dotclear](https://www.dotclear.org).
_httpPassword_ is a plugin for the open-source
web publishing software called Dotclear.
> Help to manage .httppassword files to make a blog private.
Its helps to manage .httppassword files to make a blog private.
## REQUIREMENTS
* Dotclear 2.28
* PHP 8.1+
* Dotclear write permissions on blogs directories
_httpPassword_ requires:
* Dotclear 2.27
* PHP 7.4+
* Write permissions on blogs directories
## USAGE
@ -27,14 +30,14 @@ Manage settings, last logins, authorized users from sidebar menu _Http password_
## LINKS
* [License](https://git.dotclear.watch/JcDenis/httpPassword/src/branch/master/LICENSE)
* [Packages & details](https://git.dotclear.watch/JcDenis/httpPassword/releases) (or on [Dotaddict](https://plugins.dotaddict.org/dc2/details/httpPassword))
* [Sources & contributions](https://git.dotclear.watch/JcDenis/httpPassword) (or on [GitHub](https://github.com/JcDenis/httpPassword))
* [Issues & security](https://git.dotclear.watch/JcDenis/httpPassword/issues) (or on [GitHub](https://github.com/JcDenis/httpPassword/issues))
* License : [GNU GPL v2](https://www.gnu.org/licenses/old-licenses/lgpl-2.0.html)
* Source & contribution : [Gitea Page](https://git.dotclear.watch/JcDenis/httpPassword) or [GitHub Page](https://github.com/JcDenis/httpPassword)
* Packages & details: [Gitea Page](https://git.dotclear.watch/JcDenis/httpPassword/releases) or [Dotaddict Page](https://plugins.dotaddict.org/dc2/details/httpPassword)
* Discussion & Help: [Dotclear Forum](http://forum.dotclear.org/viewtopic.php?pid=331158)
## CONTRIBUTORS
* Frederic PLE (author)
* Jean-Christian Denis (latest)
* Jean-Christian Denis
You are welcome to contribute to this code.

View File

@ -1,27 +1,29 @@
<?php
/**
* @file
* @brief The plugin httpPassword definition
* @ingroup httpPassword
* @brief httpPassword, a plugin for Dotclear 2
*
* @defgroup httpPassword Plugin httpPassword.
* @package Dotclear
* @subpackage Plugin
*
* Manage .htpasswd file to make the blog private.
* @author Frederic PLE and contributors
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1);
if (!defined('DC_RC_PATH')) {
return null;
}
$this->registerModule(
'Http password',
'Manage .htpasswd file to make the blog private',
'Frederic PLE and contributors',
'1.5.1',
'1.4',
[
'requires' => [['core', '2.28']],
'permissions' => 'My',
'requires' => [['core', '2.27']],
'permissions' => dcCore::app()->auth->makePermissions([
dcCore::app()->auth::PERMISSION_ADMIN,
]),
'type' => 'plugin',
'support' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/issues',
'details' => 'https://git.dotclear.watch/JcDenis/' . basename(__DIR__) . '/src/branch/master/README.md',

21
_init.php Normal file
View File

@ -0,0 +1,21 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
if (!defined('DC_RC_PATH')) {
return null;
}
class initHttpPassword
{
public const PERMISSION = 'httpPassword';
public const FILE_PASSWORD = '.htpasswd';
}

View File

@ -2,11 +2,11 @@
<modules xmlns:da="http://dotaddict.org/da/">
<module id="httpPassword">
<name>Http password</name>
<version>1.5.1</version>
<version>1.4</version>
<author>Frederic PLE and contributors</author>
<desc>Manage .htpasswd file to make the blog private</desc>
<file>https://git.dotclear.watch/JcDenis/httpPassword/releases/download/v1.5.1/plugin-httpPassword.zip</file>
<da:dcmin>2.28</da:dcmin>
<file>https://git.dotclear.watch/JcDenis/httpPassword/releases/download/v1.4/plugin-httpPassword.zip</file>
<da:dcmin>2.27</da:dcmin>
<da:details>https://git.dotclear.watch/JcDenis/httpPassword/src/branch/master/README.md</da:details>
<da:support>https://git.dotclear.watch/JcDenis/httpPassword/issues</da:support>
</module>

View File

@ -1,19 +1,21 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use Dotclear\Core\Process;
/**
* @brief httpPassword backend class.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
class Backend extends Process
{
public static function init(): bool

View File

@ -1,20 +1,23 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use Dotclear\App;
use dcCore;
use dcLog;
use Dotclear\Core\Process;
/**
* @brief httpPassword frontend class.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
class Frontend extends Process
{
public static function init(): bool
@ -29,8 +32,9 @@ class Frontend extends Process
}
// check password on frontend
App::behavior()->addBehavior('publicPrependV2', function (): void {
if (!App::blog()->isDefined()) {
dcCore::app()->addBehavior('publicPrependV2', function (): void {
// nullsafe
if (is_null(dcCore::app()->blog)) {
return;
}
$PHP_AUTH_USER = $PHP_AUTH_PW = '';
@ -40,19 +44,19 @@ class Frontend extends Process
$PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
} elseif (isset($_ENV['REMOTE_USER'])) {
[$PHP_AUTH_PW, $PHP_AUTH_USER] = explode(' ', $_ENV['REMOTE_USER'], 2);
[$PHP_AUTH_USER, $PHP_AUTH_PW] = explode(':', base64_decode((string) $PHP_AUTH_USER));
[$PHP_AUTH_USER, $PHP_AUTH_PW] = explode(':', base64_decode($PHP_AUTH_USER));
}
if ($PHP_AUTH_PW === '' or $PHP_AUTH_USER === '') {
Utils::sendHttp401();
}
if (!is_file(App::blog()->publicPath() . DIRECTORY_SEPARATOR . My::FILE_PASSWORD)) {
if (!is_file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD)) {
header('HTTP/1.0 500 Internal Server Error');
echo 'httpPassword plugin is not well configured.';
exit(1);
}
$htpasswd = file(App::blog()->publicPath() . DIRECTORY_SEPARATOR . My::FILE_PASSWORD, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$htpasswd = file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$authenticated = false;
if ($htpasswd !== false) {
foreach ($htpasswd as $ligne) {
@ -69,18 +73,18 @@ class Frontend extends Process
if (!$authenticated) {
Utils::sendHttp401();
} else {
$logs = App::log()->getLogs(['log_table' => My::id(), 'log_msg' => $PHP_AUTH_USER]);
$logs = dcCore::app()->log->getLogs(['log_table' => My::id(), 'log_msg' => $PHP_AUTH_USER]);
if (!$logs->isEmpty()) {
$ids = [];
while ($logs->fetch()) {
$ids[] = is_numeric($logs->f('log_id')) ? (int) $logs->f('log_id') : 0;
}
App::log()->delLogs($ids);
$logs = dcCore::app()->log->delLogs($ids);
}
$cursor = App::log()->openLogCursor();
$cursor = dcCore::app()->con->openCursor(dcCore::app()->prefix . dcLog::LOG_TABLE_NAME);
$cursor->setField('log_table', My::id());
$cursor->setField('log_msg', $PHP_AUTH_USER);
App::log()->addLog($cursor);
dcCore::app()->log->addLog($cursor);
}
});

View File

@ -1,21 +1,23 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use Dotclear\App;
use dcCore;
use Dotclear\Core\Process;
use Exception;
/**
* @brief httpPassword install class.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
class Install extends Process
{
public static function init(): bool
@ -38,7 +40,7 @@ class Install extends Process
return true;
} catch (Exception $e) {
App::error()->add($e->getMessage());
dcCore::app()->error->add($e->getMessage());
}
return true;

View File

@ -1,10 +1,20 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use Dotclear\App;
use dcCore;
use Dotclear\Core\Backend\{
Notices,
Page
@ -27,12 +37,7 @@ use Dotclear\Helper\Html\Form\{
};
/**
* @brief httpPassword manage class.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
* Manage contributions list
*/
class Manage extends Process
{
@ -43,7 +48,7 @@ class Manage extends Process
public static function process(): bool
{
if (!self::status() || !App::blog()->isDefined()) {
if (!self::status() || is_null(dcCore::app()->blog)) {
return false;
}
@ -66,7 +71,7 @@ class Manage extends Process
$s->put('crypt', in_array((string) $_POST['crypt'], My::cryptCombo()) ? $_POST['crypt'] : 'paintext');
$s->put('message', (string) $_POST['message']);
App::blog()->triggerBlog();
dcCore::app()->blog->triggerBlog();
Notices::addSuccessNotice(
__('Settings successfully updated.')
@ -77,13 +82,13 @@ class Manage extends Process
// delete users logins
if ('savelogins' == $action) {
$logs = App::log()->getLogs(['log_table' => My::id()]);
$logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
if (!$logs->isEmpty()) {
$ids = [];
while ($logs->fetch()) {
$ids[] = $logs->__get('log_id');
}
App::log()->delLogs($ids);
$logs = dcCore::app()->log->delLogs($ids);
Notices::addSuccessNotice(
__('Logs successfully cleared.')
@ -125,7 +130,7 @@ class Manage extends Process
}
file_put_contents(Utils::passwordFile(), $contents);
App::blog()->triggerBlog();
dcCore::app()->blog->triggerBlog();
Notices::addSuccessNotice(
__('Logins successfully updated.')
@ -139,7 +144,7 @@ class Manage extends Process
public static function render(): void
{
if (!self::status() || !App::blog()->isDefined()) {
if (!self::status() || is_null(dcCore::app()->blog)) {
return;
}
@ -190,7 +195,7 @@ class Manage extends Process
// message
(new Para())->items([
(new Label(__('Authentication message:')))->for('message'),
(new Input('message'))->size(60)->maxlength(255)->value(Utils::httpMessage()),
(new Input('message'))->size(60)->maxlenght(255)->value(Utils::httpMessage()),
]),
(new Div())->class('clear')->items([
(new Submit(['save']))->value(__('Save')),
@ -202,7 +207,7 @@ class Manage extends Process
// delete logins form
if ('logins' == $part) {
$logs = App::log()->getLogs(['log_table' => My::id()]);
$logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
if ($logs->isEmpty()) {
echo
'<p>' . __('Logins history is empty.') . '</p>';
@ -255,7 +260,7 @@ class Manage extends Process
Html::escapeHTML($login) .
'</td>' .
'<td class="nowrap">' .
(new Input(['newpassword[' . Html::escapeHTML($login) . ']']))->size(60)->maxlength(255)->render() .
(new Input(['newpassword[' . Html::escapeHTML($login) . ']']))->size(60)->maxlenght(255)->render() .
'</td>' .
'<td class="nowrap">' .
(new Submit(['edit[' . Html::escapeHTML($login) . ']']))->value(__('Change password'))->render() .
@ -292,12 +297,12 @@ class Manage extends Process
// login
(new Para())->items([
(new Label(__('Login:')))->for('login'),
(new Input('login'))->size(60)->maxlength(255),
(new Input('login'))->size(60)->maxlenght(255),
]),
// password
(new Para())->items([
(new Label(__('Password:')))->for('password'),
(new Input('password'))->size(60)->maxlength(255),
(new Input('password'))->size(60)->maxlenght(255),
]),
(new Para())->items([
(new Submit(['add']))->value(__('Save')),

View File

@ -1,5 +1,15 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
@ -7,20 +17,11 @@ namespace Dotclear\Plugin\httpPassword;
use Dotclear\Module\MyPlugin;
/**
* @brief httpPassword My helper.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
* This module definitions.
*/
class My extends MyPlugin
{
/**
* Passwords file name.
*
* @var string FILE_PASSWORD
*/
/** @var string Passwords file name */
public const FILE_PASSWORD = '.htpasswd';
/**

View File

@ -1,20 +1,23 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use dcCore;
use Dotclear\Core\Process;
use Dotclear\Plugin\Uninstaller\Uninstaller;
/**
* @brief httpPassword uninstall class.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
class Uninstall extends Process
{
public static function init(): bool
@ -24,7 +27,7 @@ class Uninstall extends Process
public static function process(): bool
{
if (!self::status()) {
if (!self::status() || !dcCore::app()->plugins->moduleExists('Uninstaller')) {
return false;
}

View File

@ -1,19 +1,21 @@
<?php
/**
* @brief httpPassword, a plugin for Dotclear 2
*
* @package Dotclear
* @subpackage Plugin
*
* @author Frederic PLE and contributors
*
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use Dotclear\App;
use dcCore;
/**
* @brief httpPassword utils.
* @ingroup httpPassword
*
* @author Frederic PLE (author)
* @author Jean-Christian Denis (latest)
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
class Utils
{
/**
@ -69,7 +71,7 @@ class Utils
if ($saltlen > 0) {
$salt .= substr(
sha1(App::nonce()->getNonce() . date('U')),
sha1(dcCore::app()->getNonce() . date('U')),
2,
$saltlen - strlen($salt)
);
@ -116,7 +118,7 @@ class Utils
*/
public static function passwordFile(): string
{
return App::blog()->isDefined() ? App::blog()->publicPath() . DIRECTORY_SEPARATOR . My::FILE_PASSWORD : '';
return is_null(dcCore::app()->blog) ? '' : dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD;
}
/**