use namespace

Jean-Christian Denis 2023-03-26 00:03:44 +01:00
parent 37b1ded7a7
commit 9aee331b92
Signed by: JcDenis
GPG key ID: 1B5B8C5B90B6C951
7 changed files with 605 additions and 357 deletions


@ -10,17 +10,42 @@
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
if (!defined('DC_CONTEXT_ADMIN')) {
return null;
}
declare(strict_types=1);
dcCore::app()->menu[dcAdmin::MENU_PLUGINS]->addItem(
__('Http password'),
dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__)),
urldecode(dcPage::getPF(basename(__DIR__) . '/icon.png')),
preg_match('/' . preg_quote(dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__))) . '(&.*)?$/', $_SERVER['REQUEST_URI']),
dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcAuth::PERMISSION_USAGE,
initHttpPassword::PERMISSION,
]), dcCore::app()->blog->id)
);
namespace Dotclear\Plugin\httpPassword;
use dcAuth;
use dcAdmin;
use dcCore;
use dcPage;
use dcNsProcess;
class Backend extends dcNsProcess
{
public static function init(): bool
{
self::$init = defined('DC_CONTEXT_ADMIN');
return self::$init;
}
public static function process(): bool
{
if (!self::$init) {
return false;
}
dcCore::app()->menu[dcAdmin::MENU_PLUGINS]->addItem(
My::name(),
dcCore::app()->adminurl->get('admin.plugin.' . My::id()),
dcPage::getPF(My::id() . '/icon.png'),
preg_match('/' . preg_quote(dcCore::app()->adminurl->get('admin.plugin.' . My::id())) . '(&.*)?$/', $_SERVER['REQUEST_URI']),
dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
dcAuth::PERMISSION_USAGE,
My::PERMISSION,
]), dcCore::app()->blog->id)
);
return true;
}
}
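Review bot: The active-item test in `process()` calls `preg_quote()` without a delimiter argument, so a `/` in the admin URL would not be escaped and would end the `/…/` pattern early. Passing the delimiter closes that gap: `preg_quote(dcCore::app()->adminurl->get('admin.plugin.' . My::id()), '/')`. The new `init()` and `process()` methods also carry no docblocks; a one-line `/** Register the plugin entry in the admin Plugins menu. */` on `process()` would make the class easier to read.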


@ -10,56 +10,81 @@
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
if (!dcCore::app()->blog->settings->get(basename(__DIR__))->get('active')) {
return null;
}
declare(strict_types=1);
dcCore::app()->addBehavior('publicPrependV2', function (): void {
$PHP_AUTH_USER = $PHP_AUTH_PW = '';
namespace Dotclear\Plugin\httpPassword;
if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) {
$PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
} elseif (isset($_ENV['REMOTE_USER'])) {
[$PHP_AUTH_PW, $PHP_AUTH_USER] = explode(' ', $_ENV['REMOTE_USER'], 2);
[$PHP_AUTH_USER, $PHP_AUTH_PW] = explode(':', base64_decode($PHP_AUTH_USER));
}
if ($PHP_AUTH_PW === '' or $PHP_AUTH_USER === '') {
httpPassword::sendHttp401();
use dcCore;
use dcLog;
use dcNsProcess;
class Frontend extends dcNsProcess
{
public static function init(): bool
{
self::$init = defined('DC_RC_PATH');
return self::$init;
}
if (!is_file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD)) {
header('HTTP/1.0 500 Internal Server Error');
echo 'httpPassword plugin is not well configured.';
exit(1);
}
$htpasswd = file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$authenticated = false;
foreach ($htpasswd as $ligne) {
[$cur_user, $cur_pass] = explode(':', trim($ligne), 2);
if ($cur_user == $PHP_AUTH_USER and crypt($PHP_AUTH_PW, $cur_pass) == $cur_pass) {
$authenticated = true;
public static function process(): bool
{
if (!self::$init || !Utils::isActive()) {
return false;
}
if ($authenticated) {
break;
}
}
unset($htpasswd);
if (!$authenticated) {
httpPassword::sendHttp401();
} else {
$logs = dcCore::app()->log->getLogs(['log_table' => basename(__DIR__), 'log_msg' => $PHP_AUTH_USER]);
if (!$logs->isEmpty()) {
$ids = [];
while ($logs->fetch()) {
$ids[] = $logs->__get('log_id');
dcCore::app()->addBehavior('publicPrependV2', function (): void {
$PHP_AUTH_USER = $PHP_AUTH_PW = '';
if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) {
$PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
} elseif (isset($_ENV['REMOTE_USER'])) {
[$PHP_AUTH_PW, $PHP_AUTH_USER] = explode(' ', $_ENV['REMOTE_USER'], 2);
[$PHP_AUTH_USER, $PHP_AUTH_PW] = explode(':', base64_decode($PHP_AUTH_USER));
}
$logs = dcCore::app()->log->delLogs($ids);
}
$cursor = dcCore::app()->con->openCursor(dcCore::app()->prefix . dcLog::LOG_TABLE_NAME);
$cursor->__set('log_table', basename(__DIR__));
$cursor->__set('log_msg', $PHP_AUTH_USER);
dcCore::app()->log->addLog($cursor);
if ($PHP_AUTH_PW === '' or $PHP_AUTH_USER === '') {
Utils::sendHttp401();
}
if (!is_file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD)) {
header('HTTP/1.0 500 Internal Server Error');
echo 'httpPassword plugin is not well configured.';
exit(1);
}
$htpasswd = file(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$authenticated = false;
if ($htpasswd !== false) {
foreach ($htpasswd as $ligne) {
[$cur_user, $cur_pass] = explode(':', trim($ligne), 2);
if ($cur_user == $PHP_AUTH_USER and crypt($PHP_AUTH_PW, $cur_pass) == $cur_pass) {
$authenticated = true;
}
if ($authenticated) {
break;
}
}
}
unset($htpasswd);
if (!$authenticated) {
Utils::sendHttp401();
} else {
$logs = dcCore::app()->log->getLogs(['log_table' => My::id(), 'log_msg' => $PHP_AUTH_USER]);
if (!$logs->isEmpty()) {
$ids = [];
while ($logs->fetch()) {
$ids[] = (int) $logs->f('log_id');
}
$logs = dcCore::app()->log->delLogs($ids);
}
$cursor = dcCore::app()->con->openCursor(dcCore::app()->prefix . dcLog::LOG_TABLE_NAME);
$cursor->setField('log_table', My::id());
$cursor->setField('log_msg', $PHP_AUTH_USER);
dcCore::app()->log->addLog($cursor);
}
});
return true;
}
});
}
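Review bot: The credential check inside the `publicPrependV2` closure still compares with loose `==` (`crypt($PHP_AUTH_PW, $cur_pass) == $cur_pass`), which is neither type-strict nor constant-time. Now that the file declares `strict_types`, this is a good moment to switch to `if ($cur_user === $PHP_AUTH_USER && hash_equals($cur_pass, crypt($PHP_AUTH_PW, $cur_pass))) {`. A line in the passwords file without a `:` leaves `$cur_pass` unset after `explode(':', trim($ligne), 2)`, so such lines should be skipped before the comparison. The same applies to the `REMOTE_USER` branch, where `explode(':', base64_decode($PHP_AUTH_USER))` has no limit of 2 and would cut a password that contains `:`.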


@ -10,28 +10,41 @@
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
if (!defined('DC_CONTEXT_ADMIN')) {
return;
}
declare(strict_types=1);
try {
// Check versions
if (!dcCore::app()->newVersion(
basename(__DIR__),
dcCore::app()->plugins->moduleInfo(basename(__DIR__), 'version')
)) {
return null;
namespace Dotclear\Plugin\httpPassword;
use dcCore;
use dcNsProcess;
use Exception;
class Install extends dcNsProcess
{
public static function init(): bool
{
self::$init = defined('DC_CONTEXT_ADMIN') && dcCore::app()->newVersion(My::id(), dcCore::app()->plugins->moduleInfo(My::id(), 'version'));
return self::$init;
}
// Set settings
$s = dcCore::app()->blog->settings->get(basename(__DIR__));
$s->put('active', false, 'boolean', 'Enable plugin', false, false);
$s->put('crypt', 'crypt_md5', 'string', 'Crypt algorithm', false, false);
$s->put('message', 'Private space', 'String', 'Personalized message on Authentication popup', false, false);
public static function process(): bool
{
if (!self::$init) {
return false;
}
return true;
} catch (Exception $e) {
dcCore::app()->error->add($e->getMessage());
try {
// Set settings
$s = dcCore::app()->blog->settings->get(My::id());
$s->put('active', false, 'boolean', 'Enable plugin', false, false);
$s->put('crypt', 'crypt_md5', 'string', 'Crypt algorithm', false, false);
$s->put('message', 'Private space', 'String', 'Personalized message on Authentication popup', false, false);
return true;
} catch (Exception $e) {
dcCore::app()->error->add($e->getMessage());
}
return true;
}
}
return false;
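Review bot: The install default `$s->put('crypt', 'crypt_md5', ...)` keeps new installations on MD5-crypt, a fast and long-deprecated scheme, although the plugin's own combo already offers stronger ones. A safer default would be `$s->put('crypt', 'crypt_sha512', 'string', 'Crypt algorithm', false, false);`. Separately, as rendered here `process()` appears to return `true` after the `catch` block, so a failed settings write would be reported as a successful install. `return false;` after the `catch` would match the behaviour of the previous procedural file.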


@ -10,270 +10,342 @@
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
if (!defined('DC_CONTEXT_ADMIN')) {
return null;
}
declare(strict_types=1);
$s = dcCore::app()->blog->settings->get(basename(__DIR__));
$pwd_file = dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD;
$action = $_POST['action'] ?? '';
$redir = $_REQUEST['redir'] ?? '';
$part = $_REQUEST['part'] ?? 'settings';
$passwords = [];
$writable = httpPassword::isWritable();
$section_menu = [
__('Settings') => 'settings',
__('Logins history') => 'logins',
__('Authorized users') => 'passwords',
];
namespace Dotclear\Plugin\httpPassword;
if (!in_array($part, $section_menu) || !$writable) {
$part = 'settings';
}
if (empty($redir)) {
$redir = dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => $part]);
}
if (!$writable) {
dcAdminNotices::addWarningNotice(
__('No write permissions on blogs directories.')
);
}
use dcCore;
use dcNsProcess;
use dcPage;
use Dotclear\Helper\Html\Html;
use Dotclear\Helper\Html\Form\{
Checkbox,
Div,
Form,
Hidden,
Input,
Label,
Note,
Para,
Select,
Submit,
Text
};
use dt;
if ('passwords' == $part) {
$lines = file($pwd_file);
if (!is_array($lines)) {
$lines = [];
}
sort($lines);
foreach ($lines as $line) {
[$login, $pwd] = explode(':', $line, 2);
$passwords[trim($login)] = trim($pwd);
}
unset($lines);
}
/**
* Manage contributions list
*/
class Manage extends dcNsProcess
{
public static function init(): bool
{
if (defined('DC_CONTEXT_ADMIN')) {
dcPage::check(dcCore::app()->auth->makePermissions([
My::PERMISSION,
]));
if ('savesettings' == $action) {
$s->put('active', !empty($_POST['active']));
$s->put('crypt', in_array((string) $_POST['crypt'], httpPassword::getCryptCombo()) ? $_POST['crypt'] : 'paintext');
$s->put('message', (string) $_POST['message']);
dcCore::app()->blog->triggerBlog();
dcAdminNotices::addSuccessNotice(
__('Settings successfully updated.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . basename(__DIR__),
['part' => $part]
);
}
if ('savelogins' == $action) {
$logs = dcCore::app()->log->getLogs(['log_table' => basename(__DIR__)]);
if (!$logs->isEmpty()) {
$ids = [];
while ($logs->fetch()) {
$ids[] = $logs->__get('log_id');
self::$init = true;
}
$logs = dcCore::app()->log->delLogs($ids);
dcAdminNotices::addSuccessNotice(
__('Logs successfully cleared.')
return self::$init;
}
public static function process(): bool
{
if (!self::$init) {
return false;
}
if (!Utils::isWritable()) {
dcPage::addWarningNotice(
__('No write permissions on blogs directories.')
);
}
$part = self::getSection();
$action = $_POST['action'] ?? '';
if (empty($action)) {
return true;
}
if ('savesettings' == $action) {
$s = dcCore::app()->blog->settings->get(My::id());
$s->put('active', !empty($_POST['active']));
$s->put('crypt', in_array((string) $_POST['crypt'], My::cryptCombo()) ? $_POST['crypt'] : 'paintext');
$s->put('message', (string) $_POST['message']);
dcCore::app()->blog->triggerBlog();
dcPage::addSuccessNotice(
__('Settings successfully updated.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . My::id(),
['part' => $part]
);
}
if ('savelogins' == $action) {
$logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
if (!$logs->isEmpty()) {
$ids = [];
while ($logs->fetch()) {
$ids[] = $logs->__get('log_id');
}
$logs = dcCore::app()->log->delLogs($ids);
dcPage::addSuccessNotice(
__('Logs successfully cleared.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . My::id(),
['part' => $part]
);
}
}
if ('savepasswords' == $action) {
$passwords = self::getPasswords();
$lines = [];
if (!empty($_POST['login']) && !empty($_POST['password'])) {
$lines[$_POST['login']] = Utils::crypt($_POST['password']);
}
foreach ($passwords as $l => $p) {
// add login
if (array_key_exists($l, $lines)) {
continue;
}
// delete login
if (!empty($_POST['delete']) && array_key_exists($l, $_POST['delete'])) {
continue;
}
// change password
if (!empty($_POST['edit']) && array_key_exists($l, $_POST['edit'])
&& !empty($_POST['newpassword']) && array_key_exists($l, $_POST['newpassword'])
) {
$lines[$l] = Utils::crypt($_POST['newpassword'][$l]);
} else {
$lines[$l] = $p;
}
}
$contents = '';
foreach ($lines as $l => $p) {
$contents .= sprintf("%s:%s\r\n", $l, $p);
}
file_put_contents(Utils::passwordFile(), $contents);
dcCore::app()->blog->triggerBlog();
dcPage::addSuccessNotice(
__('Logins successfully updated.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . My::id(),
['part' => $part]
);
}
return true;
}
public static function render(): void
{
if (!self::$init) {
return;
}
$part = self::getSection();
dcPage::openModule(
My::name(),
dcPage::jsPageTabs() .
dcPage::jsModuleLoad(My::id() . '/js/backend.js')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . basename(__DIR__),
['part' => $part]
);
}
}
if ('savepasswords' == $action) {
$lines = [];
if (!empty($_POST['login']) && !empty($_POST['password'])) {
$lines[$_POST['login']] = httpPassword::crypt($_POST['password']);
}
foreach ($passwords as $l => $p) {
// add login
if (array_key_exists($l, $lines)) {
continue;
}
// delete login
if (!empty($_POST['delete']) && array_key_exists($l, $_POST['delete'])) {
continue;
}
// change password
if (!empty($_POST['edit']) && array_key_exists($l, $_POST['edit'])
&& !empty($_POST['newpassword']) && array_key_exists($l, $_POST['newpassword'])
) {
$lines[$l] = httpPassword::crypt($_POST['newpassword'][$l]);
} else {
$lines[$l] = $p;
}
}
$contents = '';
foreach ($lines as $l => $p) {
$contents .= sprintf("%s:%s\r\n", $l, $p);
}
file_put_contents($pwd_file, $contents);
dcCore::app()->blog->triggerBlog();
dcAdminNotices::addSuccessNotice(
__('Logins successfully updated.')
);
dcCore::app()->adminurl->redirect(
'admin.plugin.' . basename(__DIR__),
['part' => $part]
);
}
echo
'<html><head><title>' . __('Http password') . '</title>' .
dcPage::jsPageTabs() .
dcPage::jsModuleLoad(basename(__DIR__) . '/js/index.js') .
'</head><body>' .
dcPage::breadcrumb([
__('Plugins') => '',
__('Http password') => dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__)),
array_search($part, $section_menu) => '',
]) .
dcPage::notices() .
# Filters select menu list
'<form method="get" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__)) . '" id="section_menu">' .
'<p class="anchor-nav"><label for="part" class="classic">' . __('Select section:') . ' </label>' .
form::combo('part', $section_menu, $part) . ' ' .
'<input type="submit" value="' . __('Ok') . '" />' .
form::hidden('p', basename(__DIR__)) . '</p>' .
'</form>' .
'<h3>' . array_search($part, $section_menu) . '</h3>';
if ('settings' == $part) {
echo '
<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => 'settings']) . '">
<p><label for="active">' .
form::checkbox('active', '1', (bool) $s->get('active')) .
__('Enable http password protection on this blog') . '</label></p>
<p><label for="crypt">' . __('Crypt algorithm:') . '</label> ' .
form::combo('crypt', httpPassword::getCryptCombo(), (string) $s->get('crypt')) . '</p>
<p class="form-note">' .
__('Some web servers does not surpport plaintext (no) encryption.') . ' ' .
__('If you change crypt algo, you must edit and resave each users passwords.') .
'</p>
<p><label for="message">' . __('Authentication message:') . '</label>' .
form::field('message', 60, 255, html::escapeHTML((string) $s->get('message'))) . '
</p>
<div class="clear">
<p>' .
dcCore::app()->formNonce() .
form::hidden(['action'], 'savesettings') .
form::hidden(['part'], $part) . '
<input type="submit" name="save" value="' . __('Save') . '" />
</p></form>';
}
if ('logins' == $part) {
$logs = dcCore::app()->log->getLogs(['log_table' => basename(__DIR__)]);
if ($logs->isEmpty()) {
echo
'<p>' . __('Logins history is empty.') . '</p>';
} else {
echo '
<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => 'logins']) . '">
<p>' .
dcCore::app()->formNonce() .
form::hidden(['action'], 'savelogins') .
form::hidden(['part'], $part) . '
<input type="submit" name="save" value="' . __('Clear logs') . '" />
</p></form>' .
dcPage::breadcrumb([
__('Plugins') => '',
My::name() => dcCore::app()->adminurl->get('admin.plugin.' . My::id()),
array_search($part, My::sectionCombo()) => '',
]) .
dcPage::notices() .
'<div class="table-outer"><table>' .
'<caption>' . sprintf(__('List of %s last logins.'), $logs->count()) . '</caption>' .
'<thead><tr>' .
'<th scope="col" class="first">' . __('Login') . '</th>' .
'<th scope="col">' . __('Date') . '</th>' .
'</tr></thead<tbody>';
# Filters select menu list
(new Form('section_menu'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id()))->method('get')->fields([
(new Para())->class('anchor-nav')->items([
(new Label(__('Select section:')))->for('part')->class('classic'),
(new Select('part'))->default($part)->items(My::sectionCombo()),
(new Submit(['go']))->value(__('Ok')),
(new Hidden(['p'], My::id())),
]),
])->render() .
while ($logs->fetch()) {
'<h3>' . array_search($part, My::sectionCombo()) . '</h3>';
if ('settings' == $part) {
echo
'<tr class="line">' .
'<td class="nowrap maximal">' . html::escapeHTML($logs->__get('log_msg')) . '</td>' .
'<td class="nowrap count">' . html::escapeHTML(dt::dt2str(__('%Y-%m-%d %H:%M'), $logs->__get('log_dt'))) . '</td>' .
'</tr>';
(new Form('section_settings'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => 'settings']))->method('post')->fields([
// active
(new Para())->items([
(new Checkbox('active', Utils::isActive()))->value(1),
(new Label(__('Enable http password protection on this blog'), Label::OUTSIDE_LABEL_AFTER))->for('active')->class('classic'),
]),
// crypt
(new Para())->items([
(new Label(__('Crypt algorithm:'), Label::OUTSIDE_LABEL_BEFORE))->for('crypt')->class('classic'),
(new Select('crypt'))->default(Utils::cryptMethod())->items(My::cryptCombo()),
]),
(new Note())->text(__('Some web servers does not surpport plaintext (no) encryption.'))->class('form-note'),
(new Note())->text(__('If you change crypt algo, you must edit and resave each users passwords.'))->class('form-note'),
// message
(new Para())->items([
(new Label(__('Authentication message:')))->for('message'),
(new Input('message'))->size(60)->maxlenght(255)->value(Utils::httpMessage()),
]),
(new Div())->class('clear')->items([
(new Submit(['save']))->value(__('Save')),
(new Hidden(['action'], 'savesettings')),
(new Hidden(['part'], $part)),
(new Text('', dcCore::app()->formNonce())),
]),
])->render();
}
echo
'</table></div>';
}
}
if ('logins' == $part) {
$logs = dcCore::app()->log->getLogs(['log_table' => My::id()]);
if ($logs->isEmpty()) {
echo
'<p>' . __('Logins history is empty.') . '</p>';
} else {
echo
(new Form('section_logins'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => 'logins']))->method('post')->fields([
(new Para())->items([
(new Submit(['save']))->value(__('Clear logs')),
(new Hidden(['action'], 'savelogins')),
(new Hidden(['part'], $part)),
(new Text('', dcCore::app()->formNonce())),
]),
])->render() .
if ('passwords' == $part) {
if (empty($passwords)) {
echo
'<p>' . __('Authorized users list is empty.') . '</p>';
} else {
echo
'<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => $part]) . '">' .
'<div class="table-outer"><table>' .
'<caption>' . sprintf(__('List of %s authorized users.'), count($passwords)) . '</caption>' .
'<thead><tr>' .
'<th scope="col" class="first nowrap">' . __('Login') . '</th>' .
'<th scope="col" class="first nowrap">' . __('New password') . '</th>' .
'<th scope="col" class="nowrap">' . __('Action') . '</th>' .
'</tr></thead<tbody>';
'<div class="table-outer"><table>' .
'<caption>' . sprintf(__('List of %s last logins.'), $logs->count()) . '</caption>' .
'<thead><tr>' .
'<th scope="col" class="first">' . __('Login') . '</th>' .
'<th scope="col">' . __('Date') . '</th>' .
'</tr></thead<tbody>';
while ($logs->fetch()) {
echo
'<tr class="line">' .
'<td class="nowrap maximal">' . Html::escapeHTML($logs->f('log_msg')) . '</td>' .
'<td class="nowrap count">' . Html::escapeHTML(dt::dt2str(__('%Y-%m-%d %H:%M'), $logs->f('log_dt'))) . '</td>' .
'</tr>';
}
echo
'</table></div>';
}
}
if ('passwords' == $part) {
$passwords = self::getPasswords();
if (empty($passwords)) {
echo
'<p>' . __('Authorized users list is empty.') . '</p>';
} else {
$lines = '';
foreach ($passwords as $login => $pwd) {
$lines .= '<tr class="line">' .
'<td class="nowrap maximal">' .
Html::escapeHTML($login) .
'</td>' .
'<td class="nowrap">' .
(new Input(['newpassword[' . Html::escapeHTML($login) . ']']))->size(60)->maxlenght(255)->render() .
'</td>' .
'<td class="nowrap">' .
(new Submit(['edit[' . Html::escapeHTML($login) . ']']))->value(__('Change password'))->render() .
(new Submit(['delete[' . Html::escapeHTML($login) . ']']))->value(__('Delete'))->class('delete')->render() .
'</td>' .
'</tr>';
}
echo
(new Form('section_passwords'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => $part]))->method('post')->fields([
(new Text(
'',
'<div class="table-outer"><table>' .
'<caption>' . sprintf(__('List of %s authorized users.'), count($passwords)) . '</caption>' .
'<thead><tr>' .
'<th scope="col" class="first nowrap">' . __('Login') . '</th>' .
'<th scope="col" class="first nowrap">' . __('New password') . '</th>' .
'<th scope="col" class="nowrap">' . __('Action') . '</th>' .
'</tr></thead<tbody>' .
$lines .
'</table></div>'
)),
(new Para())->items([
(new Hidden(['action'], 'savepasswords')),
(new Hidden(['part'], $part)),
(new Text('', dcCore::app()->formNonce())),
]),
])->render();
}
foreach ($passwords as $login => $pwd) {
echo
'<tr class="line">' .
'<td class="nowrap maximal">' .
html::escapeHTML($login) .
'</td>' .
'<td class="nowrap">' .
form::field(['newpassword[' . html::escapeHTML($login) . ']'], 60, 255, '') .
'</td>' .
'<td class="nowrap">' .
'<input type="submit" name="edit[' . html::escapeHTML($login) . ']" value="' . __('Change password') . '" /> ' .
'<input type="submit" class="delete" name="delete[' . html::escapeHTML($login) . ']" value="' . __('Delete') . '" />' .
'</td>' .
'</tr>';
(new Form('section_new'))->action(dcCore::app()->adminurl->get('admin.plugin.' . My::id(), ['part' => $part]))->method('post')->fields([
(new Text('h3', Html::escapeHTML(__('Add a user')))),
// login
(new Para())->items([
(new Label(__('Login:')))->for('login'),
(new Input('login'))->size(60)->maxlenght(255),
]),
// password
(new Para())->items([
(new Label(__('Password:')))->for('password'),
(new Input('password'))->size(60)->maxlenght(255),
]),
(new Para())->items([
(new Submit(['add']))->value(__('Save')),
(new Hidden(['action'], 'savepasswords')),
(new Hidden(['part'], $part)),
(new Text('', dcCore::app()->formNonce())),
]),
])->render();
}
echo
'</table></div>
<p>' .
dcCore::app()->formNonce() .
form::hidden(['action'], 'savepasswords') .
form::hidden(['part'], $part) . '
</p></form>';
dcPage::closeModule();
}
echo '
<form method="post" action="' . dcCore::app()->adminurl->get('admin.plugin.' . basename(__DIR__), ['part' => $part]) . '">
<h3>' . __('Add a user') . '</h3>
private static function getSection(): string
{
$part = $_REQUEST['part'] ?? 'settings';
if (!in_array($part, My::sectionCombo()) || !Utils::isWritable()) {
$part = 'settings';
}
<p><label for="login">' . __('Login:') . '</label>' .
form::field('login', 60, 255, '') . '
</p>
return $part;
}
<p><label for="password">' . __('Password:') . '</label>' .
form::field('password', 60, 255, '') . '
</p>
private static function getPasswords(): array
{
$passwords = [];
$lines = file(Utils::passwordFile());
if (!is_array($lines)) {
$lines = [];
}
sort($lines);
foreach ($lines as $line) {
[$login, $pwd] = explode(':', $line, 2);
$passwords[trim($login)] = trim($pwd);
}
unset($lines);
<p>' .
dcCore::app()->formNonce() .
form::hidden(['action'], 'savepasswords') .
form::hidden(['part'], $part) . '
<input type="submit" name="add" value="' . __('Save') . '" />
</p></form>';
return $passwords;
}
}
echo
'</body></html>';
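Review bot: In the `savepasswords` branch of `process()`, `$_POST['login']` becomes the record key and is written with `sprintf("%s:%s\r\n", $l, $p)` without validation, so a login containing `:`, CR or LF changes the structure of the passwords file and can affect entries other than the one being saved. Rejecting such values before the assignment keeps each record on one line, for example by extending the guard to `if (!empty($_POST['login']) && !empty($_POST['password']) && is_string($_POST['login']) && !preg_match('/[:\r\n]/', $_POST['login'])) {` and reporting an error otherwise. The return value of `file_put_contents()` is also unchecked, so a failed write is still announced as "Logins successfully updated.". In the `savesettings` branch the fallback value is spelled `'paintext'`, which is not one of the values returned by `My::cryptCombo()`.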

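--- /dev/null
+++ b/src/My.php
@@ -0,0 +1,70 @@
+<?php
+/**
+* @brief httpPassword, a plugin for Dotclear 2
+*
+* @package Dotclear
+* @subpackage Plugin
+*
+* @author Frederic PLE and contributors
+*
+* @copyright Jean-Christian Denis
+* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
+*/
+declare(strict_types=1);
+namespace Dotclear\Plugin\httpPassword;
+use dcCore;
+class My
+{
+/** @var string This plugin permissions */
+public const PERMISSION = 'httpPassword';
+/** @var string Passwords file name */
+public const FILE_PASSWORD = '.htpasswd';
+/**
+* This module id
+*/
+public static function id(): string
+{
+return basename(dirname(__DIR__));
+}
+/**
+* This module name
+*/
+public static function name(): string
+{
+return __((string) dcCore::app()->plugins->moduleInfo(self::id(), 'name'));
+}
+/**
+* Encryption methods combo
+*/
+public static function cryptCombo(): array
+{
+return [
+__('No encryption') => 'plaintext',
+__('Crypt DES standard') => 'crypt_std_des',
+__('Crypt DES étendu') => 'crypt_ext_des',
+__('Crypt MD5') => 'crypt_md5',
+__('Crypt Blowfish') => 'crypt_blowfish',
+__('Crypt SHA256') => 'crypt_sha256',
+__('Crypt SHA512') => 'crypt_sha512',
+];
+}
+/**
+* Admin section menu
+*/
+public static function sectionCombo(): array
+{
+return [
+__('Settings') => 'settings',
+__('Logins history') => 'logins',
+__('Authorized users') => 'passwords',
+];
+}
+}
+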
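Review bot: `cryptCombo()` presents `plaintext`, `crypt_std_des` and `crypt_ext_des` on equal footing with the modern schemes, and nothing in the labels or the docblock tells an administrator that these are unsuitable for storing passwords. Standard DES crypt only uses the first eight characters of a password, and `plaintext` stores it unprotected. Marking them as legacy in the labels, or listing the SHA-512 and Blowfish entries first, would steer new configurations to the stronger options. The docblock could say so as well, for example `/** Encryption methods combo (label => setting value); plaintext and DES entries are kept for compatibility only. */`.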


@ -10,15 +10,33 @@
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
if (!defined('DC_RC_PATH')) {
return null;
declare(strict_types=1);
namespace Dotclear\Plugin\httpPassword;
use dcCore;
use dcNsProcess;
class Prepend extends dcNsProcess
{
public static function init(): bool
{
self::$init = true;
return self::$init;
}
public static function process(): bool
{
if (!self::$init) {
return false;
}
dcCore::app()->auth->setPermissionType(
My::PERMISSION,
__('Manage http password blog protection')
);
return true;
}
}
Clearbricks::lib()->autoload([
'httpPassword' => implode(DIRECTORY_SEPARATOR, [__DIR__, 'inc', 'class.httppassword.php']),
]);
dcCore::app()->auth->setPermissionType(
initHttpPassword::PERMISSION,
__('Manage http password blog protection')
);


@ -10,20 +10,20 @@
* @copyright Jean-Christian Denis
* @copyright GPL-2.0 https://www.gnu.org/licenses/gpl-2.0.html
*/
if (!defined('DC_RC_PATH')) {
return null;
}
declare(strict_types=1);
class httpPassword
namespace Dotclear\Plugin\httpPassword;
use dcCore;
class Utils
{
public static function id(): string
{
return basename(dirname(__DIR__));
}
/**
* Crypt password
*/
public static function crypt(?string $secret): string
{
switch (dcCore::app()->blog->settings->get(self::id())->get('crypt')) {
switch (self::cryptMethod()) {
case 'plaintext':
$saltlen = -1;
$salt = '';
@ -75,9 +75,44 @@ class httpPassword
return($secret);
}
/**
* Setting: active
*/
public static function isActive(): bool
{
return (bool) dcCore::app()->blog->settings->get(My::id())->get('active');
}
/**
* Setting: crypt
*/
public static function cryptMethod(): string
{
return (string) dcCore::app()->blog->settings->get(My::id())->get('crypt');
}
/**
* Setting: message
*/
public static function httpMessage(): string
{
return (string) dcCore::app()->blog->settings->get(My::id())->get('message');
}
/**
* Get passwords file path
*/
public static function passwordFile(): string
{
return dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . My::FILE_PASSWORD;
}
/**
* Check passwords file
*/
public static function isWritable(): bool
{
if (false === ($fp = fopen(dcCore::app()->blog->public_path . DIRECTORY_SEPARATOR . initHttpPassword::FILE_PASSWORD, 'a+'))) {
if (false === ($fp = fopen(self::passwordFile(), 'a+'))) {
return false;
}
fclose($fp);
@ -85,23 +120,13 @@ class httpPassword
return true;
}
public static function getCryptCombo(): array
{
return [
__('No encryption') => 'plaintext',
__('Crypt DES standard') => 'crypt_std_des',
__('Crypt DES étendu') => 'crypt_ext_des',
__('Crypt MD5') => 'crypt_md5',
__('Crypt Blowfish') => 'crypt_blowfish',
__('Crypt SHA256') => 'crypt_sha256',
__('Crypt SHA512') => 'crypt_sha512',
];
}
/**
* Send HTTP message
*/
public static function sendHttp401(): void
{
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="' . utf8_decode(htmlspecialchars_decode(dcCore::app()->blog->settings->get(self::id())->get('message'))) . '"');
header('WWW-Authenticate: Basic realm="' . utf8_decode(htmlspecialchars_decode(self::httpMessage())) . '"');
exit(0);
}
}
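Review bot: `passwordFile()` places `.htpasswd` directly under the blog's `public_path`. Whether that directory is served by the web server, and whether dotfiles are denied there, is not visible from this diff; if neither protection holds, the stored hashes, or the passwords themselves under the `plaintext` method, would be readable by any visitor. The docblock on `passwordFile()` should at least state that requirement, for example `/** Path of the passwords file; the web server must deny direct access to it. */`. In `sendHttp401()` the message is placed inside `realm="…"` without escaping `"` or `\`, so a quote in the setting yields a malformed `WWW-Authenticate` header; wrapping the decoded message in `addcslashes(..., '"\\')` would prevent that. Most of `crypt()` lies outside the visible hunks and was not reviewed.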