initial commit from httpPassword 0.5.10
This commit is contained in:
commit
dbb2ef00f3
8 changed files with 1036 additions and 0 deletions
37
CHANGELOG
Normal file
37
CHANGELOG
Normal file
|
@ -0,0 +1,37 @@
|
||||||
|
0.5.10 :
|
||||||
|
- fix typo
|
||||||
|
- fix for PHP 5.3 compliance
|
||||||
|
|
||||||
|
0.5.9 :
|
||||||
|
- fix bug in history page (PHP errors when history was empty)
|
||||||
|
- add page "debug" in plugin page in order to get infos about hosting setup (when plugins fails to authenticate users)
|
||||||
|
|
||||||
|
0.5 :
|
||||||
|
- deep rewrite : HTTP auth is not directly handled by apache anymore but by a dotclear behavior
|
||||||
|
- add support of multiblog installation (thanks to Stephanie "piloue" and Gabriel for being so patient and their helpfull tests)
|
||||||
|
- add support PHP running as CGI (tested with OVH hosting services)
|
||||||
|
- auto-detect crypt functions available and let user choose it
|
||||||
|
- HTTP auth is not required in order to access to blog admin
|
||||||
|
- plugin admin page with tabs
|
||||||
|
- plugin imported to dotclear lab
|
||||||
|
|
||||||
|
Known issues : This plugin does not protect non-php files (images, css, js)
|
||||||
|
|
||||||
|
0.4 : never released
|
||||||
|
- check filepermission when running
|
||||||
|
- add free.fr support
|
||||||
|
|
||||||
|
0.3 :
|
||||||
|
- add last connection tracker
|
||||||
|
|
||||||
|
0.2 : 2008-11-22
|
||||||
|
- _install.php added
|
||||||
|
- password crypt function setting added
|
||||||
|
- password crypt function can be choose within trim, crypt, md5, sha1
|
||||||
|
- remonte crypt function added as rcrypt rmd5 and rsha1 : crypt function
|
||||||
|
is called over http://frederic.ple.name/....
|
||||||
|
This feature can ensure plugin running on php restricted environment
|
||||||
|
(ex: OVH.COM)
|
||||||
|
|
||||||
|
0.1 : 2008-11-17
|
||||||
|
INITIAL public release
|
339
LICENSE
Normal file
339
LICENSE
Normal file
|
@ -0,0 +1,339 @@
|
||||||
|
GNU GENERAL PUBLIC LICENSE
|
||||||
|
Version 2, June 1991
|
||||||
|
|
||||||
|
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
|
||||||
|
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
|
Everyone is permitted to copy and distribute verbatim copies
|
||||||
|
of this license document, but changing it is not allowed.
|
||||||
|
|
||||||
|
Preamble
|
||||||
|
|
||||||
|
The licenses for most software are designed to take away your
|
||||||
|
freedom to share and change it. By contrast, the GNU General Public
|
||||||
|
License is intended to guarantee your freedom to share and change free
|
||||||
|
software--to make sure the software is free for all its users. This
|
||||||
|
General Public License applies to most of the Free Software
|
||||||
|
Foundation's software and to any other program whose authors commit to
|
||||||
|
using it. (Some other Free Software Foundation software is covered by
|
||||||
|
the GNU Lesser General Public License instead.) You can apply it to
|
||||||
|
your programs, too.
|
||||||
|
|
||||||
|
When we speak of free software, we are referring to freedom, not
|
||||||
|
price. Our General Public Licenses are designed to make sure that you
|
||||||
|
have the freedom to distribute copies of free software (and charge for
|
||||||
|
this service if you wish), that you receive source code or can get it
|
||||||
|
if you want it, that you can change the software or use pieces of it
|
||||||
|
in new free programs; and that you know you can do these things.
|
||||||
|
|
||||||
|
To protect your rights, we need to make restrictions that forbid
|
||||||
|
anyone to deny you these rights or to ask you to surrender the rights.
|
||||||
|
These restrictions translate to certain responsibilities for you if you
|
||||||
|
distribute copies of the software, or if you modify it.
|
||||||
|
|
||||||
|
For example, if you distribute copies of such a program, whether
|
||||||
|
gratis or for a fee, you must give the recipients all the rights that
|
||||||
|
you have. You must make sure that they, too, receive or can get the
|
||||||
|
source code. And you must show them these terms so they know their
|
||||||
|
rights.
|
||||||
|
|
||||||
|
We protect your rights with two steps: (1) copyright the software, and
|
||||||
|
(2) offer you this license which gives you legal permission to copy,
|
||||||
|
distribute and/or modify the software.
|
||||||
|
|
||||||
|
Also, for each author's protection and ours, we want to make certain
|
||||||
|
that everyone understands that there is no warranty for this free
|
||||||
|
software. If the software is modified by someone else and passed on, we
|
||||||
|
want its recipients to know that what they have is not the original, so
|
||||||
|
that any problems introduced by others will not reflect on the original
|
||||||
|
authors' reputations.
|
||||||
|
|
||||||
|
Finally, any free program is threatened constantly by software
|
||||||
|
patents. We wish to avoid the danger that redistributors of a free
|
||||||
|
program will individually obtain patent licenses, in effect making the
|
||||||
|
program proprietary. To prevent this, we have made it clear that any
|
||||||
|
patent must be licensed for everyone's free use or not licensed at all.
|
||||||
|
|
||||||
|
The precise terms and conditions for copying, distribution and
|
||||||
|
modification follow.
|
||||||
|
|
||||||
|
GNU GENERAL PUBLIC LICENSE
|
||||||
|
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||||
|
|
||||||
|
0. This License applies to any program or other work which contains
|
||||||
|
a notice placed by the copyright holder saying it may be distributed
|
||||||
|
under the terms of this General Public License. The "Program", below,
|
||||||
|
refers to any such program or work, and a "work based on the Program"
|
||||||
|
means either the Program or any derivative work under copyright law:
|
||||||
|
that is to say, a work containing the Program or a portion of it,
|
||||||
|
either verbatim or with modifications and/or translated into another
|
||||||
|
language. (Hereinafter, translation is included without limitation in
|
||||||
|
the term "modification".) Each licensee is addressed as "you".
|
||||||
|
|
||||||
|
Activities other than copying, distribution and modification are not
|
||||||
|
covered by this License; they are outside its scope. The act of
|
||||||
|
running the Program is not restricted, and the output from the Program
|
||||||
|
is covered only if its contents constitute a work based on the
|
||||||
|
Program (independent of having been made by running the Program).
|
||||||
|
Whether that is true depends on what the Program does.
|
||||||
|
|
||||||
|
1. You may copy and distribute verbatim copies of the Program's
|
||||||
|
source code as you receive it, in any medium, provided that you
|
||||||
|
conspicuously and appropriately publish on each copy an appropriate
|
||||||
|
copyright notice and disclaimer of warranty; keep intact all the
|
||||||
|
notices that refer to this License and to the absence of any warranty;
|
||||||
|
and give any other recipients of the Program a copy of this License
|
||||||
|
along with the Program.
|
||||||
|
|
||||||
|
You may charge a fee for the physical act of transferring a copy, and
|
||||||
|
you may at your option offer warranty protection in exchange for a fee.
|
||||||
|
|
||||||
|
2. You may modify your copy or copies of the Program or any portion
|
||||||
|
of it, thus forming a work based on the Program, and copy and
|
||||||
|
distribute such modifications or work under the terms of Section 1
|
||||||
|
above, provided that you also meet all of these conditions:
|
||||||
|
|
||||||
|
a) You must cause the modified files to carry prominent notices
|
||||||
|
stating that you changed the files and the date of any change.
|
||||||
|
|
||||||
|
b) You must cause any work that you distribute or publish, that in
|
||||||
|
whole or in part contains or is derived from the Program or any
|
||||||
|
part thereof, to be licensed as a whole at no charge to all third
|
||||||
|
parties under the terms of this License.
|
||||||
|
|
||||||
|
c) If the modified program normally reads commands interactively
|
||||||
|
when run, you must cause it, when started running for such
|
||||||
|
interactive use in the most ordinary way, to print or display an
|
||||||
|
announcement including an appropriate copyright notice and a
|
||||||
|
notice that there is no warranty (or else, saying that you provide
|
||||||
|
a warranty) and that users may redistribute the program under
|
||||||
|
these conditions, and telling the user how to view a copy of this
|
||||||
|
License. (Exception: if the Program itself is interactive but
|
||||||
|
does not normally print such an announcement, your work based on
|
||||||
|
the Program is not required to print an announcement.)
|
||||||
|
|
||||||
|
These requirements apply to the modified work as a whole. If
|
||||||
|
identifiable sections of that work are not derived from the Program,
|
||||||
|
and can be reasonably considered independent and separate works in
|
||||||
|
themselves, then this License, and its terms, do not apply to those
|
||||||
|
sections when you distribute them as separate works. But when you
|
||||||
|
distribute the same sections as part of a whole which is a work based
|
||||||
|
on the Program, the distribution of the whole must be on the terms of
|
||||||
|
this License, whose permissions for other licensees extend to the
|
||||||
|
entire whole, and thus to each and every part regardless of who wrote it.
|
||||||
|
|
||||||
|
Thus, it is not the intent of this section to claim rights or contest
|
||||||
|
your rights to work written entirely by you; rather, the intent is to
|
||||||
|
exercise the right to control the distribution of derivative or
|
||||||
|
collective works based on the Program.
|
||||||
|
|
||||||
|
In addition, mere aggregation of another work not based on the Program
|
||||||
|
with the Program (or with a work based on the Program) on a volume of
|
||||||
|
a storage or distribution medium does not bring the other work under
|
||||||
|
the scope of this License.
|
||||||
|
|
||||||
|
3. You may copy and distribute the Program (or a work based on it,
|
||||||
|
under Section 2) in object code or executable form under the terms of
|
||||||
|
Sections 1 and 2 above provided that you also do one of the following:
|
||||||
|
|
||||||
|
a) Accompany it with the complete corresponding machine-readable
|
||||||
|
source code, which must be distributed under the terms of Sections
|
||||||
|
1 and 2 above on a medium customarily used for software interchange; or,
|
||||||
|
|
||||||
|
b) Accompany it with a written offer, valid for at least three
|
||||||
|
years, to give any third party, for a charge no more than your
|
||||||
|
cost of physically performing source distribution, a complete
|
||||||
|
machine-readable copy of the corresponding source code, to be
|
||||||
|
distributed under the terms of Sections 1 and 2 above on a medium
|
||||||
|
customarily used for software interchange; or,
|
||||||
|
|
||||||
|
c) Accompany it with the information you received as to the offer
|
||||||
|
to distribute corresponding source code. (This alternative is
|
||||||
|
allowed only for noncommercial distribution and only if you
|
||||||
|
received the program in object code or executable form with such
|
||||||
|
an offer, in accord with Subsection b above.)
|
||||||
|
|
||||||
|
The source code for a work means the preferred form of the work for
|
||||||
|
making modifications to it. For an executable work, complete source
|
||||||
|
code means all the source code for all modules it contains, plus any
|
||||||
|
associated interface definition files, plus the scripts used to
|
||||||
|
control compilation and installation of the executable. However, as a
|
||||||
|
special exception, the source code distributed need not include
|
||||||
|
anything that is normally distributed (in either source or binary
|
||||||
|
form) with the major components (compiler, kernel, and so on) of the
|
||||||
|
operating system on which the executable runs, unless that component
|
||||||
|
itself accompanies the executable.
|
||||||
|
|
||||||
|
If distribution of executable or object code is made by offering
|
||||||
|
access to copy from a designated place, then offering equivalent
|
||||||
|
access to copy the source code from the same place counts as
|
||||||
|
distribution of the source code, even though third parties are not
|
||||||
|
compelled to copy the source along with the object code.
|
||||||
|
|
||||||
|
4. You may not copy, modify, sublicense, or distribute the Program
|
||||||
|
except as expressly provided under this License. Any attempt
|
||||||
|
otherwise to copy, modify, sublicense or distribute the Program is
|
||||||
|
void, and will automatically terminate your rights under this License.
|
||||||
|
However, parties who have received copies, or rights, from you under
|
||||||
|
this License will not have their licenses terminated so long as such
|
||||||
|
parties remain in full compliance.
|
||||||
|
|
||||||
|
5. You are not required to accept this License, since you have not
|
||||||
|
signed it. However, nothing else grants you permission to modify or
|
||||||
|
distribute the Program or its derivative works. These actions are
|
||||||
|
prohibited by law if you do not accept this License. Therefore, by
|
||||||
|
modifying or distributing the Program (or any work based on the
|
||||||
|
Program), you indicate your acceptance of this License to do so, and
|
||||||
|
all its terms and conditions for copying, distributing or modifying
|
||||||
|
the Program or works based on it.
|
||||||
|
|
||||||
|
6. Each time you redistribute the Program (or any work based on the
|
||||||
|
Program), the recipient automatically receives a license from the
|
||||||
|
original licensor to copy, distribute or modify the Program subject to
|
||||||
|
these terms and conditions. You may not impose any further
|
||||||
|
restrictions on the recipients' exercise of the rights granted herein.
|
||||||
|
You are not responsible for enforcing compliance by third parties to
|
||||||
|
this License.
|
||||||
|
|
||||||
|
7. If, as a consequence of a court judgment or allegation of patent
|
||||||
|
infringement or for any other reason (not limited to patent issues),
|
||||||
|
conditions are imposed on you (whether by court order, agreement or
|
||||||
|
otherwise) that contradict the conditions of this License, they do not
|
||||||
|
excuse you from the conditions of this License. If you cannot
|
||||||
|
distribute so as to satisfy simultaneously your obligations under this
|
||||||
|
License and any other pertinent obligations, then as a consequence you
|
||||||
|
may not distribute the Program at all. For example, if a patent
|
||||||
|
license would not permit royalty-free redistribution of the Program by
|
||||||
|
all those who receive copies directly or indirectly through you, then
|
||||||
|
the only way you could satisfy both it and this License would be to
|
||||||
|
refrain entirely from distribution of the Program.
|
||||||
|
|
||||||
|
If any portion of this section is held invalid or unenforceable under
|
||||||
|
any particular circumstance, the balance of the section is intended to
|
||||||
|
apply and the section as a whole is intended to apply in other
|
||||||
|
circumstances.
|
||||||
|
|
||||||
|
It is not the purpose of this section to induce you to infringe any
|
||||||
|
patents or other property right claims or to contest validity of any
|
||||||
|
such claims; this section has the sole purpose of protecting the
|
||||||
|
integrity of the free software distribution system, which is
|
||||||
|
implemented by public license practices. Many people have made
|
||||||
|
generous contributions to the wide range of software distributed
|
||||||
|
through that system in reliance on consistent application of that
|
||||||
|
system; it is up to the author/donor to decide if he or she is willing
|
||||||
|
to distribute software through any other system and a licensee cannot
|
||||||
|
impose that choice.
|
||||||
|
|
||||||
|
This section is intended to make thoroughly clear what is believed to
|
||||||
|
be a consequence of the rest of this License.
|
||||||
|
|
||||||
|
8. If the distribution and/or use of the Program is restricted in
|
||||||
|
certain countries either by patents or by copyrighted interfaces, the
|
||||||
|
original copyright holder who places the Program under this License
|
||||||
|
may add an explicit geographical distribution limitation excluding
|
||||||
|
those countries, so that distribution is permitted only in or among
|
||||||
|
countries not thus excluded. In such case, this License incorporates
|
||||||
|
the limitation as if written in the body of this License.
|
||||||
|
|
||||||
|
9. The Free Software Foundation may publish revised and/or new versions
|
||||||
|
of the General Public License from time to time. Such new versions will
|
||||||
|
be similar in spirit to the present version, but may differ in detail to
|
||||||
|
address new problems or concerns.
|
||||||
|
|
||||||
|
Each version is given a distinguishing version number. If the Program
|
||||||
|
specifies a version number of this License which applies to it and "any
|
||||||
|
later version", you have the option of following the terms and conditions
|
||||||
|
either of that version or of any later version published by the Free
|
||||||
|
Software Foundation. If the Program does not specify a version number of
|
||||||
|
this License, you may choose any version ever published by the Free Software
|
||||||
|
Foundation.
|
||||||
|
|
||||||
|
10. If you wish to incorporate parts of the Program into other free
|
||||||
|
programs whose distribution conditions are different, write to the author
|
||||||
|
to ask for permission. For software which is copyrighted by the Free
|
||||||
|
Software Foundation, write to the Free Software Foundation; we sometimes
|
||||||
|
make exceptions for this. Our decision will be guided by the two goals
|
||||||
|
of preserving the free status of all derivatives of our free software and
|
||||||
|
of promoting the sharing and reuse of software generally.
|
||||||
|
|
||||||
|
NO WARRANTY
|
||||||
|
|
||||||
|
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
|
||||||
|
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
|
||||||
|
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
|
||||||
|
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
|
||||||
|
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
||||||
|
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
|
||||||
|
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
|
||||||
|
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
|
||||||
|
REPAIR OR CORRECTION.
|
||||||
|
|
||||||
|
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
||||||
|
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
|
||||||
|
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
|
||||||
|
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
|
||||||
|
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
|
||||||
|
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
|
||||||
|
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
|
||||||
|
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
|
||||||
|
POSSIBILITY OF SUCH DAMAGES.
|
||||||
|
|
||||||
|
END OF TERMS AND CONDITIONS
|
||||||
|
|
||||||
|
How to Apply These Terms to Your New Programs
|
||||||
|
|
||||||
|
If you develop a new program, and you want it to be of the greatest
|
||||||
|
possible use to the public, the best way to achieve this is to make it
|
||||||
|
free software which everyone can redistribute and change under these terms.
|
||||||
|
|
||||||
|
To do so, attach the following notices to the program. It is safest
|
||||||
|
to attach them to the start of each source file to most effectively
|
||||||
|
convey the exclusion of warranty; and each file should have at least
|
||||||
|
the "copyright" line and a pointer to where the full notice is found.
|
||||||
|
|
||||||
|
<one line to give the program's name and a brief idea of what it does.>
|
||||||
|
Copyright (C) <year> <name of author>
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation; either version 2 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License along
|
||||||
|
with this program; if not, write to the Free Software Foundation, Inc.,
|
||||||
|
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||||
|
|
||||||
|
Also add information on how to contact you by electronic and paper mail.
|
||||||
|
|
||||||
|
If the program is interactive, make it output a short notice like this
|
||||||
|
when it starts in an interactive mode:
|
||||||
|
|
||||||
|
Gnomovision version 69, Copyright (C) year name of author
|
||||||
|
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
|
||||||
|
This is free software, and you are welcome to redistribute it
|
||||||
|
under certain conditions; type `show c' for details.
|
||||||
|
|
||||||
|
The hypothetical commands `show w' and `show c' should show the appropriate
|
||||||
|
parts of the General Public License. Of course, the commands you use may
|
||||||
|
be called something other than `show w' and `show c'; they could even be
|
||||||
|
mouse-clicks or menu items--whatever suits your program.
|
||||||
|
|
||||||
|
You should also get your employer (if you work as a programmer) or your
|
||||||
|
school, if any, to sign a "copyright disclaimer" for the program, if
|
||||||
|
necessary. Here is a sample; alter the names:
|
||||||
|
|
||||||
|
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
|
||||||
|
`Gnomovision' (which makes passes at compilers) written by James Hacker.
|
||||||
|
|
||||||
|
<signature of Ty Coon>, 1 April 1989
|
||||||
|
Ty Coon, President of Vice
|
||||||
|
|
||||||
|
This General Public License does not permit incorporating your program into
|
||||||
|
proprietary programs. If your program is a subroutine library, you may
|
||||||
|
consider it more useful to permit linking proprietary applications with the
|
||||||
|
library. If this is what you want to do, use the GNU Lesser General
|
||||||
|
Public License instead of this License.
|
27
_admin.php
Normal file
27
_admin.php
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
<?php
|
||||||
|
# -- BEGIN LICENSE BLOCK ----------------------------------
|
||||||
|
# This file is part of httpPassword, a plugin for Dotclear.
|
||||||
|
#
|
||||||
|
# Copyright (c) 2007-2009 Frederic PLE
|
||||||
|
# dotclear@frederic.ple.name
|
||||||
|
#
|
||||||
|
# Licensed under the GPL version 2.0 license.
|
||||||
|
# A copy of this license is available in LICENSE file or at
|
||||||
|
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
||||||
|
# -- END LICENSE BLOCK ------------------------------------
|
||||||
|
|
||||||
|
if (!defined('DC_CONTEXT_ADMIN')) { return; }
|
||||||
|
|
||||||
|
$_menu['Plugins']->addItem('httpPassword',
|
||||||
|
'plugin.php?p=httpPassword',
|
||||||
|
'index.php?pf=httpPassword/icon.png',
|
||||||
|
preg_match('/plugin.php\?p=httpPassword(&.*)?$/',
|
||||||
|
$_SERVER['REQUEST_URI']),
|
||||||
|
$core->auth->check('usage,contentadmin',$core->blog->id)
|
||||||
|
);
|
||||||
|
|
||||||
|
$core->auth->setPermissionType(
|
||||||
|
'httpPassword',
|
||||||
|
'Gestion de la protection du site httpPassword'
|
||||||
|
);
|
||||||
|
?>
|
21
_define.php
Normal file
21
_define.php
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
<?php
|
||||||
|
# -- BEGIN LICENSE BLOCK ----------------------------------
|
||||||
|
# This file is part of httpPassword, a plugin for Dotclear.
|
||||||
|
#
|
||||||
|
# Copyright (c) 2007-2009 Frederic PLE
|
||||||
|
# dotclear@frederic.ple.name
|
||||||
|
#
|
||||||
|
# Licensed under the GPL version 2.0 license.
|
||||||
|
# A copy of this license is available in LICENSE file or at
|
||||||
|
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
||||||
|
# -- END LICENSE BLOCK ------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
$this->registerModule(
|
||||||
|
/* Name */ "httpPassword",
|
||||||
|
/* Description*/ "Manage .htpasswd file to make the blog private",
|
||||||
|
/* Author */ "Frederic PLE <dotclear@frederic.ple.name>",
|
||||||
|
/* Version */ '0.5.10',
|
||||||
|
/* Permissions */ 'httpPassword'
|
||||||
|
);
|
||||||
|
?>
|
36
_install.php
Normal file
36
_install.php
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
<?php
|
||||||
|
# -- BEGIN LICENSE BLOCK ----------------------------------
|
||||||
|
# This file is part of httpPassword, a plugin for Dotclear.
|
||||||
|
#
|
||||||
|
# Copyright (c) 2007-2009 Frederic PLE
|
||||||
|
# dotclear@frederic.ple.name
|
||||||
|
#
|
||||||
|
# Licensed under the GPL version 2.0 license.
|
||||||
|
# A copy of this license is available in LICENSE file or at
|
||||||
|
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
||||||
|
# -- END LICENSE BLOCK ------------------------------------
|
||||||
|
|
||||||
|
if (!defined('DC_CONTEXT_ADMIN')) { return; }
|
||||||
|
|
||||||
|
$m_version = $core->plugins->moduleInfo('httpPassword','version');
|
||||||
|
|
||||||
|
$i_version = $core->getVersion('httpPassword');
|
||||||
|
|
||||||
|
if (version_compare($i_version,$m_version,'>=')) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Création du setting (s'il existe, il ne sera pas écrasé)
|
||||||
|
$settings = new dcSettings($core,null);
|
||||||
|
$settings->setNamespace('httppassword');
|
||||||
|
$mydomain = preg_replace('/^.*\.([^.]+[^.])$/','$1',gethostbyaddr($_SERVER['SERVER_ADDR']));
|
||||||
|
$defaultcrypt = '';
|
||||||
|
|
||||||
|
$settings->put('httppassword_active',false,'boolean','Activer',false,false);
|
||||||
|
$settings->put('httppassword_crypt',$defaultcrypt,'string','Fonction de cryptage',false,false);
|
||||||
|
$settings->put('httppassword_message','Zone Privee','String','Message personnalisable dans le popup d\'authentification',false,false);
|
||||||
|
$settings->put('httppassword_trace',false,'boolean','Activation des traces (debug)',false,false);
|
||||||
|
$settings->put('httppassword_debugmode',false,'boolean','Activation du mode Debug',false,false);
|
||||||
|
|
||||||
|
$core->setVersion('httpPassword',$m_version);
|
||||||
|
?>
|
101
_public.php
Normal file
101
_public.php
Normal file
|
@ -0,0 +1,101 @@
|
||||||
|
<?php
|
||||||
|
# -- BEGIN LICENSE BLOCK ----------------------------------
|
||||||
|
# This file is part of httpPassword, a plugin for Dotclear.
|
||||||
|
#
|
||||||
|
# Copyright (c) 2007-2009 Frederic PLE
|
||||||
|
# dotclear@frederic.ple.name
|
||||||
|
#
|
||||||
|
# Licensed under the GPL version 2.0 license.
|
||||||
|
# A copy of this license is available in LICENSE file or at
|
||||||
|
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
||||||
|
# -- END LICENSE BLOCK ------------------------------------
|
||||||
|
|
||||||
|
if ($core->blog->settings->httppassword_active) {
|
||||||
|
$core->addBehavior('publicPrepend',array('httpPassword','Check'));
|
||||||
|
//$core->addBehavior('publicPrepend',array('httpPassword','LastLogin'));
|
||||||
|
}
|
||||||
|
|
||||||
|
class httpPassword {
|
||||||
|
|
||||||
|
private static function __debuglog ($core,$trace) {
|
||||||
|
static $fic = false;
|
||||||
|
if (!$core->blog->settings->httppassword_trace)
|
||||||
|
return;
|
||||||
|
if ($fic === false)
|
||||||
|
$fic = fopen($core->blog->public_path . '/.htpasswd.trc.txt','a');
|
||||||
|
if ($fic !== false) {
|
||||||
|
fprintf($fic,"%s - %s\n",date('Ymd-His'),$trace);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private static function __debugmode ($core) {
|
||||||
|
$fic = fopen($core->blog->public_path . '/.debugmode','a');
|
||||||
|
fprintf($fic,"\n%s\n%s\n", str_repeat('-', 30), date('Ymd-His'));
|
||||||
|
fprintf($fic,".... \$_SERVER =\n%s\n",var_export($_SERVER,true));
|
||||||
|
fprintf($fic,".... \$_ENV =\n%s\n",var_export($_ENV,true));
|
||||||
|
fprintf($fic,".... Apache headers =\n%s\n",var_export(apache_request_headers(),true));
|
||||||
|
}
|
||||||
|
|
||||||
|
private static function __HTTP401($core) {
|
||||||
|
httpPassword::__debuglog($core,__FUNCTION__);
|
||||||
|
header('HTTP/1.1 401 Unauthorized');
|
||||||
|
header('WWW-Authenticate: Basic realm="'. utf8_decode(htmlspecialchars_decode($core->blog->settings->httppassword_message)) .'"');
|
||||||
|
exit(0);
|
||||||
|
}
|
||||||
|
public static function Check($core) {
|
||||||
|
httpPassword::__debuglog($core,'ENV = ' . var_export($_ENV,true));
|
||||||
|
if ($core->blog->settings->httppassword_debugmode)
|
||||||
|
httpPassword::__debugmode($core);
|
||||||
|
if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) {
|
||||||
|
$PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
|
||||||
|
$PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
|
||||||
|
httpPassword::__debuglog($core,__FUNCTION__ . ' user identication found in $_SERVER');
|
||||||
|
} else if (isset($_ENV['REMOTE_USER'])) {
|
||||||
|
list($PHP_AUTH_PW,$PHP_AUTH_USER) = explode(' ',$_ENV['REMOTE_USER'],2);
|
||||||
|
list($PHP_AUTH_USER,$PHP_AUTH_PW) = explode(':',base64_decode($PHP_AUTH_USER));
|
||||||
|
httpPassword::__debuglog($core,__FUNCTION__ . ' user identication found in $_ENV');
|
||||||
|
}
|
||||||
|
if (!isset($PHP_AUTH_USER) or !isset($PHP_AUTH_PW) or $PHP_AUTH_USER === '')
|
||||||
|
httpPassword::__HTTP401($core);
|
||||||
|
|
||||||
|
httpPassword::__debuglog($core,'Testing user: '.$PHP_AUTH_USER.' pass: '.$PHP_AUTH_PW);
|
||||||
|
|
||||||
|
if (!is_file($core->blog->public_path . '/.htpasswd')) {
|
||||||
|
header('HTTP/1.0 500 Internal Server Error');
|
||||||
|
echo "Le plugin httppassword présente une anomalie de configuration";
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
$htpasswd = file($core->blog->public_path . '/.htpasswd',FILE_IGNORE_NEW_LINES|FILE_SKIP_EMPTY_LINES);
|
||||||
|
$authenticated = false;
|
||||||
|
foreach($htpasswd as $ligne) {
|
||||||
|
list($cur_user,$cur_pass) = explode(':',trim($ligne),2);
|
||||||
|
httpPassword::__debuglog($core,'cur_user: '.$cur_user.' cur_pass: '.$cur_pass);
|
||||||
|
if ($cur_user == $PHP_AUTH_USER and crypt($PHP_AUTH_PW,$cur_pass) == $cur_pass) {
|
||||||
|
$authenticated = true;
|
||||||
|
httpPassword::__debuglog($core,' OK');
|
||||||
|
}
|
||||||
|
if ($authenticated) break;
|
||||||
|
}
|
||||||
|
unset($htpasswd);
|
||||||
|
if (!$authenticated) httpPassword::__HTTP401($core);
|
||||||
|
else httpPassword::LastLogin($core,$PHP_AUTH_USER);
|
||||||
|
|
||||||
|
return(true);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function LastLogin($core,$user) {
|
||||||
|
$fic = $core->blog->public_path . '/.lastlogin';
|
||||||
|
|
||||||
|
$httpPasswordLastLogin = array();
|
||||||
|
if (is_file($fic))
|
||||||
|
$httpPasswordLastLogin = unserialize(file_get_contents($fic));
|
||||||
|
|
||||||
|
$httpPasswordLastLogin[$user] = date('Y-m-d H:i');
|
||||||
|
|
||||||
|
file_put_contents($fic,serialize($httpPasswordLastLogin));
|
||||||
|
|
||||||
|
return(true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
BIN
icon.png
Normal file
BIN
icon.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 703 B |
475
index.php
Normal file
475
index.php
Normal file
|
@ -0,0 +1,475 @@
|
||||||
|
<?php
|
||||||
|
# -- BEGIN LICENSE BLOCK ----------------------------------
|
||||||
|
# This file is part of httpPassword, a plugin for Dotclear.
|
||||||
|
#
|
||||||
|
# Copyright (c) 2007-2009 Frederic PLE
|
||||||
|
# dotclear@frederic.ple.name
|
||||||
|
#
|
||||||
|
# Licensed under the GPL version 2.0 license.
|
||||||
|
# A copy of this license is available in LICENSE file or at
|
||||||
|
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
||||||
|
# -- END LICENSE BLOCK ------------------------------------
|
||||||
|
|
||||||
|
function htpasswd_crypt(&$core,$secret)
|
||||||
|
{
|
||||||
|
switch ($core->blog->settings->httppassword_crypt) {
|
||||||
|
case "plaintext":
|
||||||
|
$saltlen = -1;
|
||||||
|
break;
|
||||||
|
case "crypt_std_des":
|
||||||
|
$saltlen = 2;
|
||||||
|
$salt = "";
|
||||||
|
break;
|
||||||
|
case "crypt_ext_des":
|
||||||
|
$saltlen = 9;
|
||||||
|
$salt = "";
|
||||||
|
break;
|
||||||
|
case "crypt_md5":
|
||||||
|
$saltlen = 12;
|
||||||
|
$salt = '$1$';
|
||||||
|
break;
|
||||||
|
case "crypt_blowfish":
|
||||||
|
$saltlen = 16;
|
||||||
|
$salt = '$2$';
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return(false);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($saltlen > 0) {
|
||||||
|
$salt .= substr(
|
||||||
|
sha1($core->getNonce() . date('U')),
|
||||||
|
2,
|
||||||
|
$saltlen - strlen($salt)
|
||||||
|
);
|
||||||
|
$secret = crypt($secret,$salt);
|
||||||
|
}
|
||||||
|
|
||||||
|
return($secret);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!defined('DC_CONTEXT_ADMIN')) { return; }
|
||||||
|
|
||||||
|
$crypt_algo = array(
|
||||||
|
'plaintext' => 'Aucun',
|
||||||
|
);
|
||||||
|
if (CRYPT_STD_DES == 1)
|
||||||
|
$crypt_algo['crypt_std_des'] = 'Crypt DES standard';
|
||||||
|
|
||||||
|
if (CRYPT_EXT_DES == 1)
|
||||||
|
$crypt_algo['crypt_ext_des'] = 'Crypt DES étendu';
|
||||||
|
|
||||||
|
if (CRYPT_MD5 == 1)
|
||||||
|
$crypt_algo['crypt_md5'] = 'Crypt MD5';
|
||||||
|
|
||||||
|
if (CRYPT_BLOWFISH == 1)
|
||||||
|
$crypt_algo['crypt_blowfish'] = 'Crypt Blowfish';
|
||||||
|
|
||||||
|
$htpasswdfile = $core->blog->public_path . '/.htpasswd' ;
|
||||||
|
$htp = file($htpasswdfile);
|
||||||
|
if (!is_array($htp)) $htp = array();
|
||||||
|
sort($htp);
|
||||||
|
|
||||||
|
$u = array();
|
||||||
|
$v = array();
|
||||||
|
|
||||||
|
foreach($htp as $ligne) {
|
||||||
|
list($login, $pwd) = explode(':', $ligne, 2);
|
||||||
|
$u[trim($login)] = trim($pwd);
|
||||||
|
}
|
||||||
|
unset($ftp);
|
||||||
|
|
||||||
|
$txt = !empty($_POST['txt']) ? $_POST['txt'] : null;
|
||||||
|
$action = !empty($_POST['httppasswordaction'])
|
||||||
|
? $_POST['httppasswordaction']
|
||||||
|
: null;
|
||||||
|
|
||||||
|
$core->blog->settings->setNamespace('httppassword');
|
||||||
|
|
||||||
|
$debugmodefile = $core->blog->public_path . '/.debugmode';
|
||||||
|
|
||||||
|
switch($action) {
|
||||||
|
case "mod":
|
||||||
|
// traitement des donnees du formulaire
|
||||||
|
foreach(preg_split('/\n/m',$txt) as $ligne)
|
||||||
|
{
|
||||||
|
if (strpos($ligne, ':') === false)
|
||||||
|
$ligne = trim($ligne) . ':';
|
||||||
|
list($login, $pwd) = explode(':', $ligne);
|
||||||
|
$v[trim($login)] = trim($pwd);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Rechercher les suppressions
|
||||||
|
foreach(array_keys($u) as $login)
|
||||||
|
{
|
||||||
|
if (!isset($v[$login]))
|
||||||
|
unset($u[$login]);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Rechercher les modifs + nouveaux
|
||||||
|
foreach(array_keys($v) as $login)
|
||||||
|
{
|
||||||
|
if ($v[$login] != "") {
|
||||||
|
$u[$login] = htpasswd_crypt(
|
||||||
|
$core,
|
||||||
|
$v[$login]
|
||||||
|
);
|
||||||
|
if ($u[$login] === false)
|
||||||
|
unset($u[$login]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$txt = "";
|
||||||
|
foreach(array_keys($u) as $login)
|
||||||
|
$txt .= $login.":".$u[$login]."\r\n";
|
||||||
|
file_put_contents($htpasswdfile,$txt);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "desactive":
|
||||||
|
case "active":
|
||||||
|
$active = !$core->blog->settings->httppassword_active;
|
||||||
|
$core->blog->settings->put(
|
||||||
|
'httppassword_active',
|
||||||
|
$active,
|
||||||
|
'boolean'
|
||||||
|
);
|
||||||
|
$core->blog->settings->httppassword_active = $active;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "cryptfunc":
|
||||||
|
$httppassword_crypt = trim($_POST['cryptage']);
|
||||||
|
if (in_array($httppassword_crypt,array_keys($crypt_algo))) {
|
||||||
|
$core->blog->settings->put(
|
||||||
|
'httppassword_crypt',
|
||||||
|
$httppassword_crypt,
|
||||||
|
'string'
|
||||||
|
);
|
||||||
|
$core->blog->settings->httppassword_crypt =
|
||||||
|
$httppassword_crypt;
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "auth_message":
|
||||||
|
$message = htmlspecialchars($_POST['auth_message']);
|
||||||
|
$core->blog->settings->put(
|
||||||
|
'httppassword_message',
|
||||||
|
$message,
|
||||||
|
'string'
|
||||||
|
);
|
||||||
|
$core->blog->settings->httppassword_message = $message;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case "debugmode":
|
||||||
|
if ($_POST['debugmode'] === "true")
|
||||||
|
$debugmode = true;
|
||||||
|
else {
|
||||||
|
$debugmode = false;
|
||||||
|
if (is_file($debugmodefile))
|
||||||
|
unlink($debugmodefile);
|
||||||
|
}
|
||||||
|
$core->blog->settings->put(
|
||||||
|
'httppassword_debugmode',
|
||||||
|
$debugmode,
|
||||||
|
'boolean'
|
||||||
|
);
|
||||||
|
$core->blog->settings->httppassword_debugmode = $debugmode;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
$fic = $core->blog->public_path . '/.lastlogin';
|
||||||
|
if (is_file($fic)) {
|
||||||
|
$httpPasswordLastLogin = unserialize(file_get_contents($fic));
|
||||||
|
if ($httpPasswordLastLogin === false) $httpPasswordLastLogin = array();
|
||||||
|
} else
|
||||||
|
$httpPasswordLastLogin = array();
|
||||||
|
|
||||||
|
$form_block=' style="display: none;"';
|
||||||
|
if (strlen($core->blog->settings->httppassword_crypt) > 0) $form_block="";
|
||||||
|
?><html>
|
||||||
|
<head>
|
||||||
|
<title>httpPassword</title>
|
||||||
|
<?php echo dcPage::jsPageTabs($part); ?>
|
||||||
|
<style type="text/css">
|
||||||
|
.ns-name {
|
||||||
|
background: #ccc;
|
||||||
|
color: #000;
|
||||||
|
padding-top: 0.3em;
|
||||||
|
padding-bottom: 0.3em;
|
||||||
|
font-size: 1.1em;
|
||||||
|
}
|
||||||
|
.fp-code {
|
||||||
|
border-left: #d0d0d0 solid 4px;
|
||||||
|
margin-left: 40px;
|
||||||
|
padding: 5px;
|
||||||
|
}
|
||||||
|
tr.row-odd { background: #bbbbbb; }
|
||||||
|
tr.row-even { background: #dddddd; }
|
||||||
|
h3 { border-top: #d0d0d0 dotted 2px; margin-top: 15px; }
|
||||||
|
</style>
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body>
|
||||||
|
<h2><?php echo html::escapeHTML($core->blog->name); ?> › httpPasswd</h2>
|
||||||
|
|
||||||
|
<div id="local" class="multi-part" title="Gestion des accès restreints">
|
||||||
|
<table><tr>
|
||||||
|
<td>
|
||||||
|
<div<?php echo $form_block; ?>>
|
||||||
|
<h3>Activation du plugin</h3>
|
||||||
|
<?php
|
||||||
|
$canwrite = true;
|
||||||
|
foreach(array('.htpasswd','.lastlogin') as $f) {
|
||||||
|
$fp = fopen(dirname($htpasswdfile) . '/' . $f,'a+');
|
||||||
|
if ($fp === false)
|
||||||
|
$canwrite = false;
|
||||||
|
else
|
||||||
|
fclose($fp);
|
||||||
|
}
|
||||||
|
|
||||||
|
$fichier_existe = is_file(dirname($htpasswdfile) . '/.htpasswd');
|
||||||
|
$fichier_modifier = true;
|
||||||
|
|
||||||
|
if (!$canwrite) { ?>
|
||||||
|
<p><strong>Pour utiliser cette extension, vous devez avoir les permissions
|
||||||
|
pour écrire dans les fichiers :</strong></p>
|
||||||
|
<ul>
|
||||||
|
<li><tt><?php echo $htpasswdfile; ?></tt></li>
|
||||||
|
<li><tt><?php echo dirname($htpasswdfile) . '/.lastlogin'; ?></tt></li>
|
||||||
|
</ul>
|
||||||
|
<?php } elseif ($core->blog->settings->httppassword_active) { ?>
|
||||||
|
<p><strong>Protection ACTIVÉE</strong></p>
|
||||||
|
<form method="post">
|
||||||
|
Cliquer sur ce bouton pour désactiver la protection :
|
||||||
|
<input type="submit" value="Désactiver" />
|
||||||
|
<?php
|
||||||
|
echo
|
||||||
|
$core->formNonce() .
|
||||||
|
form::hidden(array('p'),'httpPassword') .
|
||||||
|
form::hidden(array('httppasswordaction'),'desactive');
|
||||||
|
?>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<?php } else { ?>
|
||||||
|
utilisateur valide !</strong></p>
|
||||||
|
<form method="post">
|
||||||
|
Cliquer sur ce bouton pour activer la protection :
|
||||||
|
<input type="submit" value="Activer" />
|
||||||
|
<?php
|
||||||
|
echo
|
||||||
|
$core->formNonce().
|
||||||
|
form::hidden(array('p'),'httpPassword').
|
||||||
|
form::hidden(array('httppasswordaction'),'active');
|
||||||
|
?>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
<?php } ?>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div>
|
||||||
|
<h3>Sécurité des mots de passe</h3>
|
||||||
|
<p>Pour modifier la fonction de "cryptage".</p>
|
||||||
|
<p><strong>Attention, le changement de
|
||||||
|
cryptage s'appliquera individuellement à la prochaine modification
|
||||||
|
de chacun des comptes (crétion ou changement de mot de passe)</strong></p>
|
||||||
|
<form method="post">
|
||||||
|
<?php
|
||||||
|
foreach($crypt_algo as $algo_code => $algo_libelle) {
|
||||||
|
echo '<input type="radio" name="cryptage" value="' . $algo_code . '" ';
|
||||||
|
if ($core->blog->settings->httppassword_crypt == $algo_code)
|
||||||
|
echo 'checked ';
|
||||||
|
echo '/> ' . $algo_libelle . '<br />';
|
||||||
|
} ?><input type="submit" value="Modifier" />
|
||||||
|
<?php
|
||||||
|
echo
|
||||||
|
$core->formNonce().
|
||||||
|
form::hidden(array('p'),'httpPassword').
|
||||||
|
form::hidden(array('httppasswordaction'),'cryptfunc');
|
||||||
|
?>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div<?php echo $form_block; ?>>
|
||||||
|
<h3>Message d'authentification</h3>
|
||||||
|
<form method="post">
|
||||||
|
<p><input type="text" name="auth_message" size="50"
|
||||||
|
value="<?php echo $core->blog->settings->httppassword_message; ?>" />
|
||||||
|
<br />
|
||||||
|
<input type="submit" value="Modifier"/>
|
||||||
|
<?php
|
||||||
|
echo
|
||||||
|
$core->formNonce().
|
||||||
|
form::hidden(array('p'),'httpPassword').
|
||||||
|
form::hidden(array('httppasswordaction'),'auth_message');
|
||||||
|
?> </p>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</td>
|
||||||
|
<td>
|
||||||
|
<div<?php echo $form_block; ?>>
|
||||||
|
<form method="post">
|
||||||
|
<p><textarea name="txt" rows="30" cols="30">
|
||||||
|
<?php
|
||||||
|
foreach(array_keys($u) as $login)
|
||||||
|
echo "$login\n";
|
||||||
|
?>
|
||||||
|
</textarea><br />
|
||||||
|
<input type="submit" value="Modifier" />
|
||||||
|
<?php
|
||||||
|
echo
|
||||||
|
$core->formNonce().
|
||||||
|
form::hidden(array('p'),'httpPassword').
|
||||||
|
form::hidden(array('httppasswordaction'),'mod');
|
||||||
|
?> </p>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</td></tr></table>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div id="histo" class="multi-part"
|
||||||
|
title="Historique des dernières connexions">
|
||||||
|
<p>Nous sommes le <?php echo date('d-m-Y H:i'); ?></p>
|
||||||
|
<table>
|
||||||
|
<?php
|
||||||
|
if (count($httpPasswordLastLogin)>0) {
|
||||||
|
$i = 0;
|
||||||
|
$logins = array_keys($httpPasswordLastLogin);
|
||||||
|
sort($logins);
|
||||||
|
foreach($logins as $login)
|
||||||
|
echo '<tr style="row-' .
|
||||||
|
(($i++ % 2 == 0) ? 'odd' : 'even') .
|
||||||
|
'"><td>' . $login . '</td><td>' .
|
||||||
|
$httpPasswordLastLogin[$login] .
|
||||||
|
'</td></tr>' . "\n";
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div id="aide" class="multi-part" title="Aide">
|
||||||
|
<h3>Gestion des accès restreints</h3>
|
||||||
|
<p>Ce plugin permet la gestion d'identifiants et de mots de
|
||||||
|
passe pour limiter les accès à votre blog aux
|
||||||
|
personnes que vous aurez choisies.</p>
|
||||||
|
<p>Le formulaire de droite présente la liste des
|
||||||
|
utilisateurs existants (sans leur mot de passe)</p>
|
||||||
|
<h3>Ajout d'un utilisateur</h3>
|
||||||
|
<p>Pour ajouter un utilisateur, ajouter une nouvelle ligne
|
||||||
|
de la forme :</p>
|
||||||
|
<p class="fp-code"><tt>login:motdepasse</tt></p>
|
||||||
|
<h3>Modifier un mot de passe</h3>
|
||||||
|
<p>Pour modifier un mot de passe d'un utilisateur, ajouter
|
||||||
|
à la suite de son identifiant (sur la même ligne)
|
||||||
|
le texte suivant :</p>
|
||||||
|
<p class="fp-code"><tt>:motdepasse</tt></p>
|
||||||
|
<h3>Suppression d'un utilisateur</h3>
|
||||||
|
<p>Pour supprimer un utilisateur, supprimer la ligne de
|
||||||
|
l'utilisateur.</p>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div id="moddebug" class="multi-part" title="Debug">
|
||||||
|
<p>Le plugin a été développé pour
|
||||||
|
fonctionner sur une installation "standard" de serveur Web
|
||||||
|
(PHP en module Apache).</p>
|
||||||
|
<p>Certains hébergeurs utilisent des installations de
|
||||||
|
PHP en mode CGI, parfois assez spécifiques et
|
||||||
|
sur lesquelles ce plugin ne fonctionnera pas</p>
|
||||||
|
<p>Le mode debug permet de collecter des informations
|
||||||
|
nécessaires au développeur pour adapter le plugin
|
||||||
|
à des contextes particuliers.</p>
|
||||||
|
<h3>Quand l'activer</h3>
|
||||||
|
<ul>
|
||||||
|
<li>Vous avez installé la dernière version du plugin
|
||||||
|
(voir sur http://lab.dotclear.org/plugin/httpPassword)</li>
|
||||||
|
<li>Vous avez activé le plugin</li>
|
||||||
|
<li>Vous avez créé un compte</li>
|
||||||
|
<li>Lorsque vous vous authentifiez sur le site, vous ne parvenez
|
||||||
|
pas à accéder à la partie publique avec le
|
||||||
|
compte que vous avez créé</li>
|
||||||
|
</ul>
|
||||||
|
<h3>MISE EN GARDE</h3>
|
||||||
|
<p>le mode debug est
|
||||||
|
dangeureux. Il est imperatif de le desactiver juste apres
|
||||||
|
les tests.</p>
|
||||||
|
<h3>Protocole à suivre</h3>
|
||||||
|
<p>Le protocole est le suivant. Merci de le suivre pas à pas.</p>
|
||||||
|
<ol>
|
||||||
|
<li>Creer un compte "debug" dont le mot de passe est "test"</li>
|
||||||
|
<li>Activer le plugin</li>
|
||||||
|
<li>Activer le mode debug</li>
|
||||||
|
<li>Faire un essai d'authentification</li>
|
||||||
|
<li>Revenir sur cette page et copier le texte de la section "Resultats"
|
||||||
|
dans un mail</li>
|
||||||
|
<li>Joindre a ce mail le fichier .debugmode que vous trouverez
|
||||||
|
dans le répertoire public du blog</li>
|
||||||
|
<li>Envoyer le mail à dotclear@frederic.ple.name</li>
|
||||||
|
<li>Desactiver le mode debug</li>
|
||||||
|
<li>Supprimer le de compte "debug"</li>
|
||||||
|
<li>Attendre patiemment la réponse du gentil
|
||||||
|
développeur</li>
|
||||||
|
</ol>
|
||||||
|
<h3>Activer / Dédactiver le mode DEBUG</h3>
|
||||||
|
<form method="post">
|
||||||
|
<p><input type="radio" name="debugmode" value="false" <?php if ($core->blog->settings->httppassword_debugmode === false) echo 'checked="checked" '; ?>/>Mode normal</p>
|
||||||
|
<p><input type="radio" name="debugmode" value="true" <?php if ($core->blog->settings->httppassword_debugmode === true) echo 'checked="checked" '; ?>/>Mode Debug</p>
|
||||||
|
<p><input type="submit" value="Modifier"/></p>
|
||||||
|
<?php
|
||||||
|
echo
|
||||||
|
$core->formNonce().
|
||||||
|
form::hidden(array('p'),'httpPassword').
|
||||||
|
form::hidden(array('httppasswordaction'),'debugmode');
|
||||||
|
?> </p>
|
||||||
|
</form>
|
||||||
|
<?php
|
||||||
|
if (is_file($debugmodefile)) {
|
||||||
|
//if (true) {
|
||||||
|
?>
|
||||||
|
<h3>Résultats</h3>
|
||||||
|
<div class="fp-code"><tt>
|
||||||
|
<?php
|
||||||
|
echo "* INFOS BLOG *<br />\n";
|
||||||
|
echo "URL: " . $core->blog->url . "<br />\n";
|
||||||
|
echo "IP: " . $_SERVER['SERVER_ADDR'] . "<br />\n";
|
||||||
|
echo "DocumentRoot: " . $_SERVER['DOCUMENT_ROOT'] . "<br />\n";
|
||||||
|
echo "DC2 version: " . $core->getVersion('core') . "<br />\n";
|
||||||
|
echo "DC2 path: " ."-" . "<br />\n";
|
||||||
|
echo "Plugins path: " . realpath(dirname(__FILE__) . '/..') . "<br />\n";
|
||||||
|
echo "Public path: " . $core->blog->public_path . "<br />\n";
|
||||||
|
echo "* INFOS HTTPPASSWD *<br />\n";
|
||||||
|
echo "Version: " . $core->getVersion('httpPassword') . "<br />\n";
|
||||||
|
//echo ".... \$_SERVER ....<br />" . str_replace("\n","<br />\n",var_export($_SERVER,true)) . "<br />\n";
|
||||||
|
//echo ".... \$_ENV ....<br />" . str_replace("\n","<br />\n",var_export($_ENV,true)) . "<br />\n";
|
||||||
|
//echo ".... HTTP Apache HEADERS ....<br />" . str_replace("\n","<br />\n",var_export(apache_request_headers(),true)) . "<br />\n";
|
||||||
|
//echo str_replace("\n","<br />\n",htmlentities(file_get_contents($debugmodefile)));
|
||||||
|
?>
|
||||||
|
</tt></div>
|
||||||
|
<?php } ?>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div id="credits" class="multi-part" title="Crédits">
|
||||||
|
<h3>Plugin</h3>
|
||||||
|
<ul>
|
||||||
|
<li><a href="http://frederic.ple.name/DC2-plugin-httpPassword">
|
||||||
|
Plugin Dotclear httpPassword</a></li>
|
||||||
|
<li>Ce plugin est distribué sous licence GPLv2</li>
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
<h3>Développeur</h3>
|
||||||
|
<ul>
|
||||||
|
<li>Frédéric PLÉ <dotclear@frederic.ple.name></li>
|
||||||
|
</ul>
|
||||||
|
<h3>Remerciements</h3>
|
||||||
|
<ul>
|
||||||
|
<li>Aux développeurs de Dotclear pour la grande qualité du code</li>
|
||||||
|
<li>A Tomtom33, Moe, et les autres qui m'ont aidé sur le
|
||||||
|
<a href="http://forum.dotclear.net/">forum</a></li>
|
||||||
|
<li>A Pep de <a href="http://www.dotaddict.org/">Dotaddict</a></li>
|
||||||
|
<li>Stephanie "piloue" pour ses tests, ses suggestions et sa patience</li>
|
||||||
|
<li>Gabriel Recope pour ses tests et reports de bugs.</li>
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
<div style="text-align: right; font-size: 0.8em; border-top: dashed 3px #d0d0d0; padding: 2px 10px 0 0;margin-top: 15px;">Plugin réalisé v.<?php echo $core->getVersion('httpPassword'); ?> par <a href="http://frederic.ple.name/" style="text-decoration: none; color: black;">Frédéric PLÉ</a>
|
||||||
|
<dotclear@frederic.ple.name></div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</body>
|
||||||
|
</html>
|
Loading…
Reference in a new issue