passwd/htpasswd_gen/index.php

<?php
require_once("style/std/stdwpstyle.inc");
//----------------------------------------------------------------------------------------------------
//Copyright (c) 2003, 2018 David T. Ashley.
//
//Permission is hereby granted, free of charge, to any person obtaining a copy
//of this software and associated documentation files (the "Software"), to deal
//in the Software without restriction, including without limitation the rights
//to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
//copies of the Software, and to permit persons to whom the Software is
//furnished to do so, subject to the following conditions:
//
//The above copyright notice and this permission notice shall be included in all
//copies or substantial portions of the Software.
//
//THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
//IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
//FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
//AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
//LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
//OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
//SOFTWARE.
//----------------------------------------------------------------------------------------------------
//
function do_header(&$style)
   {
   $style->static_page_header_title_std("HTPASSWD-Style Hashed Password Generator",
                          "<i>htpasswd</i>-Style Hashed Password Generator",
                          "");
   echo "<p align=\"center\"><b><font size=\"3\">(This cgi-bin form generates password hashes which are \n";
   echo "understood by the <i>Apache</i> web server in directory access files and also by \n";
   echo "the <i>CVS</i> version control system when such entries are placed in the \n";
   echo "<i>CVSROOT/passwd</i> file. &nbsp;The algorithm used is the standard DES algorithm with \n";
   echo "randomly selected two-character salt. &nbsp;To use this password hash generator, \n";
   echo "you must normally paste the output into an <i>Apache</i> directory access file or into \n";
   echo "the <i>CVSROOT/passwd</i> file of a <i>CVS</i> repository.)</font></b></p>\n";
   $style->static_page_hrule_std();  
   echo "<p align=\"center\"><font size=\"3\" color=\"#FF0000\"><b>WARNING:</b>&nbsp; The username and ";
   echo "password you choose are ";
   echo "transmitted over the network to the server unencrypted and can be intercepted.&nbsp; ";
   echo "Use this utility ";
   echo "at your own risk.</font></p>\n";
   $style->static_page_hrule_std();  
   }  

function do_footer(&$style)
   {
   $style->static_page_footer_std();
   }

function do_form($Buttontext)
   {
   echo "<form method=post action=\"index.php\" width=\"100%\">\n";
   echo "<table align=\"center\">\n";
   echo "<tr>\n";
   echo "  <td width=\"10%\">\n";
   echo "   <p align=\"right\"><b>Username</b> (required):</td>\n";
   echo "    <td width=\"12%\"><p align=\"left\"><input type=\"text\" name=\"Username\" size=\"30\"></p></td>\n";
   echo "  </tr>\n";
   echo "  <tr>\n";
   echo "    <td width=\"10%\">\n";
   echo "   <p align=\"right\"><b>Password</b> (required):</td>\n";
   echo "    <td width=\"12%\"><p align=\"left\"><input type=\"Password\" name=\"Password\" size=\"30\"></p></td>\n";
   echo "  </tr>\n";
   echo "  <tr>\n";
   echo "    <td width=\"20%\" colspan=\"2\">\n";
   echo "      <p align=\"center\"><input type=\"submit\" value=\"";
   echo $Buttontext;
   echo "\" name=\"B1\" style=\"margin-top: 12\"></td>\n";
   echo "  </tr>\n";
   echo "</table>\n";
   echo "</form>\n";
}

function do_err_msg($Err_msg)
   {
   echo "<p align=\"center\"><b><font color=\"#FF0000\">";
   echo $Err_msg;
   echo "</font></b></p>\n";
   }

function random_salt()
   {
   //There are 64 possible values for each salt character, a-z, A-Z, 0-9, ., and /.
   //Can easily generate a suitably random value.
   $Matchstring = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
   $Rand1 = rand(0,63);
   $Rand2 = rand(0,63);
   return(Substr($Matchstring, $Rand1, 1) . Substr($Matchstring, $Rand2, 1));
   }

//Main script begins here.
//
//
$style = new StdWpStyle;
//Assign the current style in force.  Also, starts the CPU
//usage clock.

//Do the header unconditionally.  The header is always used on this page.
do_header($style);
//
if (isset($_POST['Username']))
   $Username = $_POST['Username'];
//
if (isset($_POST['Password']))
   $Password = $_POST['Password'];

//Load up a few variables based on what username and password values were supplied.
if (isset($Username) && isset($Password))
   {
   $Usernamelen = strlen($Username);
   $Usernamevalid = 1;
   for ($i=0; $i<$Usernamelen; $i++)
      {
      $Curchar = Substr($Username, $i, 1);
      $Ord = ord($Curchar);
      if (!
            (
               ($Ord >= ord("A") && $Ord <= ord("Z"))
               ||
               ($Ord >= ord("a") && $Ord <= ord("z"))
               ||
               ($Ord >= ord("0") && $Ord <= ord("9"))
            )
         )
         {
         $Usernamevalid = 0;
         }
      }

   $Passwordlen = strlen($Password);
   $Passwordvalid = 1;
   for ($i=0; $i<$Passwordlen; $i++)
      {
      $Curchar = Substr($Password, $i, 1);
      $Ord = ord($Curchar);
      if (!
            (
               ($Ord >= ord("A") && $Ord <= ord("Z"))
               ||
               ($Ord >= ord("a") && $Ord <= ord("z"))
               ||
               ($Ord >= ord("0") && $Ord <= ord("9"))
               ||
               ($Ord == ord("/"))
               ||
               ($Ord == ord("."))
            )
         )
         {
         $Passwordvalid = 0;
         }
      }

   }
//
//There are a few cases to break into here, and this affects the overall layout of the page.
//The header and footer are fixed, but the "guts" will change.
if (!isset($Username) || !isset($Password))
   {
   //In this case, we are probably visiting the form for the first time, and have not done a submit.
   //Just display the form itself.
   do_form("Click To Generate Hashed Password");
   }
elseif ($Usernamelen < 1 || !$Usernamevalid)
   {
   //The user name is suspicious.  Must flag it.
     do_err_msg("The <i>Username</i> you supplied is not valid. &nbsp;User names must contain at least one character and may consist only of lower-case and upper-case letters and digits. &nbsp;Please try again.");
     $style->hrule_std();  
     do_form("Click To Generate Hashed Password");
   }
elseif ($Passwordlen < 2 || !$Passwordvalid)
   {
   //The password is suspicious.  Must flag it.
   do_err_msg("The <i>Password</i> you supplied is not valid. &nbsp;Passwords must contain at least two characters and may consist only of lower-case and upper-case letters and digits and the \"/\" and \".\" characters. &nbsp;Please try again.");
   $style->static_page_hrule_std();  
   do_form("Click To Generate Hashed Password");
   }
else
   {
   //Username and password seem within minimums.  Should be clear to generate hashed password.
   $Hashedpwd = crypt($Password, random_salt());
   echo "<p align=\"left\">The hashed username/password is:</p>\n";
   echo "<p align=\"left\"><font size=\"5\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>";
   echo $Username;
   echo ":";
   echo $Hashedpwd;
   echo "</b></font></p>\n";
   echo "<p align=\"left\">You may paste this value directly into an <i>Apache</i> directory \n";
   echo "access file or <i>CVS</i> <i>CVSROOT/passwd</i> file.  Note that if the period (\".\") \n";
   echo "character or other punctuation appears as the last character(s) of the hash above, \n";
   echo "it <i>is</i> part of the hash and \n";
   echo "must be included when copying and pasting.</p>\n";
   $style->static_page_hrule_std();  
   do_form("Click To Generate Another Hashed Password");
   }

//Now do the footer unconditionally.  The footer is always used on this web page.
do_footer($style);  
?>
1	<?php
2	require_once("style/std/stdwpstyle.inc");
3	//----------------------------------------------------------------------------------------------------
4	//Copyright (c) 2003, 2018 David T. Ashley.
5	//
6	//Permission is hereby granted, free of charge, to any person obtaining a copy
7	//of this software and associated documentation files (the "Software"), to deal
8	//in the Software without restriction, including without limitation the rights
9	//to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10	//copies of the Software, and to permit persons to whom the Software is
11	//furnished to do so, subject to the following conditions:
12	//
13	//The above copyright notice and this permission notice shall be included in all
14	//copies or substantial portions of the Software.
15	//
16	//THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17	//IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18	//FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19	//AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20	//LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21	//OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22	//SOFTWARE.
23	//----------------------------------------------------------------------------------------------------
24	//
25	function do_header(&$style)
26	{
27	$style->static_page_header_title_std("HTPASSWD-Style Hashed Password Generator",
28	"<i>htpasswd</i>-Style Hashed Password Generator",
29	"");
30	echo "<p align=\"center\"><b><font size=\"3\">(This cgi-bin form generates password hashes which are \n";
31	echo "understood by the <i>Apache</i> web server in directory access files and also by \n";
32	echo "the <i>CVS</i> version control system when such entries are placed in the \n";
33	echo "<i>CVSROOT/passwd</i> file.  The algorithm used is the standard DES algorithm with \n";
34	echo "randomly selected two-character salt.  To use this password hash generator, \n";
35	echo "you must normally paste the output into an <i>Apache</i> directory access file or into \n";
36	echo "the <i>CVSROOT/passwd</i> file of a <i>CVS</i> repository.)</font></b></p>\n";
37	$style->static_page_hrule_std();
38	echo "<p align=\"center\"><font size=\"3\" color=\"#FF0000\"><b>WARNING:</b>  The username and ";
39	echo "password you choose are ";
40	echo "transmitted over the network to the server unencrypted and can be intercepted.  ";
41	echo "Use this utility ";
42	echo "at your own risk.</font></p>\n";
43	$style->static_page_hrule_std();
44	}
45
46	function do_footer(&$style)
47	{
48	$style->static_page_footer_std();
49	}
50
51	function do_form($Buttontext)
52	{
53	echo "<form method=post action=\"index.php\" width=\"100%\">\n";
54	echo "<table align=\"center\">\n";
55	echo "<tr>\n";
56	echo " <td width=\"10%\">\n";
57	echo " <p align=\"right\"><b>Username</b> (required):</td>\n";
58	echo " <td width=\"12%\"><p align=\"left\"><input type=\"text\" name=\"Username\" size=\"30\"></p></td>\n";
59	echo " </tr>\n";
60	echo " <tr>\n";
61	echo " <td width=\"10%\">\n";
62	echo " <p align=\"right\"><b>Password</b> (required):</td>\n";
63	echo " <td width=\"12%\"><p align=\"left\"><input type=\"Password\" name=\"Password\" size=\"30\"></p></td>\n";
64	echo " </tr>\n";
65	echo " <tr>\n";
66	echo " <td width=\"20%\" colspan=\"2\">\n";
67	echo " <p align=\"center\"><input type=\"submit\" value=\"";
68	echo $Buttontext;
69	echo "\" name=\"B1\" style=\"margin-top: 12\"></td>\n";
70	echo " </tr>\n";
71	echo "</table>\n";
72	echo "</form>\n";
73	}
74
75	function do_err_msg($Err_msg)
76	{
77	echo "<p align=\"center\"><b><font color=\"#FF0000\">";
78	echo $Err_msg;
79	echo "</font></b></p>\n";
80	}
81
82	function random_salt()
83	{
84	//There are 64 possible values for each salt character, a-z, A-Z, 0-9, ., and /.
85	//Can easily generate a suitably random value.
86	$Matchstring = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
87	$Rand1 = rand(0,63);
88	$Rand2 = rand(0,63);
89	return(Substr($Matchstring, $Rand1, 1) . Substr($Matchstring, $Rand2, 1));
90	}
91
92	//Main script begins here.
93	//
94	//
95	$style = new StdWpStyle;
96	//Assign the current style in force. Also, starts the CPU
97	//usage clock.
98
99	//Do the header unconditionally. The header is always used on this page.
100	do_header($style);
101	//
102	if (isset($_POST['Username']))
103	$Username = $_POST['Username'];
104	//
105	if (isset($_POST['Password']))
106	$Password = $_POST['Password'];
107
108	//Load up a few variables based on what username and password values were supplied.
109	if (isset($Username) && isset($Password))
110	{
111	$Usernamelen = strlen($Username);
112	$Usernamevalid = 1;
113	for ($i=0; $i<$Usernamelen; $i++)
114	{
115	$Curchar = Substr($Username, $i, 1);
116	$Ord = ord($Curchar);
117	if (!
118	(
119	($Ord >= ord("A") && $Ord <= ord("Z"))
120	\|\|
121	($Ord >= ord("a") && $Ord <= ord("z"))
122	\|\|
123	($Ord >= ord("0") && $Ord <= ord("9"))
124	)
125	)
126	{
127	$Usernamevalid = 0;
128	}
129	}
130
131	$Passwordlen = strlen($Password);
132	$Passwordvalid = 1;
133	for ($i=0; $i<$Passwordlen; $i++)
134	{
135	$Curchar = Substr($Password, $i, 1);
136	$Ord = ord($Curchar);
137	if (!
138	(
139	($Ord >= ord("A") && $Ord <= ord("Z"))
140	\|\|
141	($Ord >= ord("a") && $Ord <= ord("z"))
142	\|\|
143	($Ord >= ord("0") && $Ord <= ord("9"))
144	\|\|
145	($Ord == ord("/"))
146	\|\|
147	($Ord == ord("."))
148	)
149	)
150	{
151	$Passwordvalid = 0;
152	}
153	}
154
155	}
156	//
157	//There are a few cases to break into here, and this affects the overall layout of the page.
158	//The header and footer are fixed, but the "guts" will change.
159	if (!isset($Username) \|\| !isset($Password))
160	{
161	//In this case, we are probably visiting the form for the first time, and have not done a submit.
162	//Just display the form itself.
163	do_form("Click To Generate Hashed Password");
164	}
165	elseif ($Usernamelen < 1 \|\| !$Usernamevalid)
166	{
167	//The user name is suspicious. Must flag it.
168	do_err_msg("The <i>Username</i> you supplied is not valid.  User names must contain at least one character and may consist only of lower-case and upper-case letters and digits.  Please try again.");
169	$style->hrule_std();
170	do_form("Click To Generate Hashed Password");
171	}
172	elseif ($Passwordlen < 2 \|\| !$Passwordvalid)
173	{
174	//The password is suspicious. Must flag it.
175	do_err_msg("The <i>Password</i> you supplied is not valid.  Passwords must contain at least two characters and may consist only of lower-case and upper-case letters and digits and the \"/\" and \".\" characters.  Please try again.");
176	$style->static_page_hrule_std();
177	do_form("Click To Generate Hashed Password");
178	}
179	else
180	{
181	//Username and password seem within minimums. Should be clear to generate hashed password.
182	$Hashedpwd = crypt($Password, random_salt());
183	echo "<p align=\"left\">The hashed username/password is:</p>\n";
184	echo "<p align=\"left\"><font size=\"5\">        <b>";
185	echo $Username;
186	echo ":";
187	echo $Hashedpwd;
188	echo "</b></font></p>\n";
189	echo "<p align=\"left\">You may paste this value directly into an <i>Apache</i> directory \n";
190	echo "access file or <i>CVS</i> <i>CVSROOT/passwd</i> file. Note that if the period (\".\") \n";
191	echo "character or other punctuation appears as the last character(s) of the hash above, \n";
192	echo "it <i>is</i> part of the hash and \n";
193	echo "must be included when copying and pasting.</p>\n";
194	$style->static_page_hrule_std();
195	do_form("Click To Generate Another Hashed Password");
196	}
197
198	//Now do the footer unconditionally. The footer is always used on this web page.
199	do_footer($style);
200	?>