/[dtapublic]/projs/dtats/trunk/projs/2018/20180707_cgi_web_tools/active/passwd/htpasswd_gen/index.php
ViewVC logotype

Contents of /projs/dtats/trunk/projs/2018/20180707_cgi_web_tools/active/passwd/htpasswd_gen/index.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 203 - (show annotations) (download)
Sun Jul 15 18:41:33 2018 UTC (6 years, 4 months ago) by dashley
File size: 7460 byte(s)
Add project GUID's.
Move htpasswd generation to active pages.
1 <?php
2 if (!$STDNWPSTYLE_INCLUDED)
3 {
4 include("stdnwpstyle.inc");
5 $STDNWPSTYLE_INCLUDED=1;
6 }
7 ?>
8 <?php
9 //********************************************************************************
10 //Copyright (C) 2003 David T. Ashley
11 //********************************************************************************
12 //This program or source file is free software; you can redistribute it and/or
13 //modify it under the terms of the GNU General Public License as published by
14 //the Free Software Foundation; either version 2 of the License, or (at your
15 //option) any later version.
16 //
17 //This program or source file is distributed in the hope that it will
18 //be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
19 //MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 //GNU General Public License for more details.
21 //
22 //You may have received a copy of the GNU General Public License
23 //along with this program; if not, write to the Free Software
24 //Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 //********************************************************************************
26 //
27 function do_header(&$style)
28 {
29 $style->header_title("HTPASSWD-Style Hashed Password Generator",
30 "<i>htpasswd</i>-Style Hashed Password Generator",
31 "");
32 echo "<p align=\"center\"><b><font size=\"3\">(This cgi-bin form generates password hashes which are \n";
33 echo "understood by the <i>Apache</i> web server in directory access files and also by \n";
34 echo "the <i>CVS</i> version control system when such entries are placed in the \n";
35 echo "<i>CVSROOT/passwd</i> file. &nbsp;The algorithm used is the standard DES algorithm with \n";
36 echo "randomly selected two-character salt. &nbsp;To use this password hash generator, \n";
37 echo "you must normally paste the output into an <i>Apache</i> directory access file or into \n";
38 echo "the <i>CVSROOT/passwd</i> file of a <i>CVS</i> repository.)</font></b></p>\n";
39 $style->hrule_std();
40 echo "<p align=\"center\"><font size=\"3\" color=\"#FF0000\"><b>WARNING:</b>&nbsp; The username and ";
41 echo "password you choose are ";
42 echo "transmitted over the network to the server unencrypted and can be intercepted.&nbsp; ";
43 echo "Use this utility ";
44 echo "at your own risk.</font></p>\n";
45 $style->hrule_std();
46 }
47
48 function do_footer(&$style)
49 {
50 $style->footer_std();
51 }
52
53 function do_form($Buttontext)
54 {
55 echo "<form method=post action=\"htpasswd_gen.php\" width=\"100%\">\n";
56 echo "<table align=\"center\">\n";
57 echo "<tr>\n";
58 echo " <td width=\"10%\">\n";
59 echo " <p align=\"right\"><b>Username</b> (required):</td>\n";
60 echo " <td width=\"12%\"><p align=\"left\"><input type=\"text\" name=\"Username\" size=\"30\"></p></td>\n";
61 echo " </tr>\n";
62 echo " <tr>\n";
63 echo " <td width=\"10%\">\n";
64 echo " <p align=\"right\"><b>Password</b> (required):</td>\n";
65 echo " <td width=\"12%\"><p align=\"left\"><input type=\"Password\" name=\"Password\" size=\"30\"></p></td>\n";
66 echo " </tr>\n";
67 echo " <tr>\n";
68 echo " <td width=\"20%\" colspan=\"2\">\n";
69 echo " <p align=\"center\"><input type=\"submit\" value=\"";
70 echo $Buttontext;
71 echo "\" name=\"B1\" style=\"margin-top: 12\"></td>\n";
72 echo " </tr>\n";
73 echo "</table>\n";
74 echo "</form>\n";
75 }
76
77 function do_err_msg($Err_msg)
78 {
79 echo "<p align=\"center\"><b><font color=\"#FF0000\">";
80 echo $Err_msg;
81 echo "</font></b></p>\n";
82 }
83
84 function random_salt()
85 {
86 //There are 64 possible values for each salt character, a-z, A-Z, 0-9, ., and /.
87 //Can easily generate a suitably random value.
88 $Matchstring = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
89 $Rand1 = rand(0,63);
90 $Rand2 = rand(0,63);
91 return(Substr($Matchstring, $Rand1, 1) . Substr($Matchstring, $Rand2, 1));
92 }
93
94 //Main script begins here.
95 //
96 //
97 $style = new Stdnwpstyle;
98 //Assign the current style in force. Also, starts the CPU
99 //usage clock.
100
101 //Do the header unconditionally. The header is always used on this page.
102 do_header($style);
103 //
104 //Load up a few variables based on what username and password values were supplied.
105 if (isset($Username) && isset($Password))
106 {
107 $Usernamelen = strlen($Username);
108 $Usernamevalid = 1;
109 for ($i=0; $i<$Usernamelen; $i++)
110 {
111 $Curchar = Substr($Username, $i, 1);
112 $Ord = ord($Curchar);
113 if (!
114 (
115 ($Ord >= ord("A") && $Ord <= ord("Z"))
116 ||
117 ($Ord >= ord("a") && $Ord <= ord("z"))
118 ||
119 ($Ord >= ord("0") && $Ord <= ord("9"))
120 )
121 )
122 {
123 $Usernamevalid = 0;
124 }
125 }
126
127 $Passwordlen = strlen($Password);
128 $Passwordvalid = 1;
129 for ($i=0; $i<$Passwordlen; $i++)
130 {
131 $Curchar = Substr($Password, $i, 1);
132 $Ord = ord($Curchar);
133 if (!
134 (
135 ($Ord >= ord("A") && $Ord <= ord("Z"))
136 ||
137 ($Ord >= ord("a") && $Ord <= ord("z"))
138 ||
139 ($Ord >= ord("0") && $Ord <= ord("9"))
140 ||
141 ($Ord == ord("/"))
142 ||
143 ($Ord == ord("."))
144 )
145 )
146 {
147 $Passwordvalid = 0;
148 }
149 }
150
151 }
152 //
153 //There are a few cases to break into here, and this affects the overall layout of the page.
154 //The header and footer are fixed, but the "guts" will change.
155 if (!isset($Username) || !isset($Password))
156 {
157 //In this case, we are probably visiting the form for the first time, and have not done a submit.
158 //Just display the form itself.
159 do_form("Click To Generate Hashed Password");
160 }
161 elseif ($Usernamelen < 1 || !$Usernamevalid)
162 {
163 //The user name is suspicious. Must flag it.
164 do_err_msg("The <i>Username</i> you supplied is not valid. &nbsp;User names must contain at least one character and may consist only of lower-case and upper-case letters and digits. &nbsp;Please try again.");
165 $style->hrule_std();
166 do_form("Click To Generate Hashed Password");
167 }
168 elseif ($Passwordlen < 2 || !$Passwordvalid)
169 {
170 //The password is suspicious. Must flag it.
171 do_err_msg("The <i>Password</i> you supplied is not valid. &nbsp;Passwords must contain at least two characters and may consist only of lower-case and upper-case letters and digits and the \"/\" and \".\" characters. &nbsp;Please try again.");
172 $style->hrule_std();
173 do_form("Click To Generate Hashed Password");
174 }
175 else
176 {
177 //Username and password seem within minimums. Should be clear to generate hashed password.
178 $Hashedpwd = crypt($Password, random_salt());
179 echo "<p align=\"left\">The hashed username/password is:</p>\n";
180 echo "<p align=\"left\"><font size=\"5\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>";
181 echo $Username;
182 echo ":";
183 echo $Hashedpwd;
184 echo "</b></font></p>\n";
185 echo "<p align=\"left\">You may paste this value directly into an <i>Apache</i> directory \n";
186 echo "access file or <i>CVS</i> <i>CVSROOT/passwd</i> file. Note that if the period (\".\") \n";
187 echo "character or other punctuation appears as the last character(s) of the hash above, \n";
188 echo "it <i>is</i> part of the hash and \n";
189 echo "must be included when copying and pasting.</p>\n";
190 $style->hrule_std();
191 do_form("Click To Generate Another Hashed Password");
192 }
193
194 //Now do the footer unconditionally. The footer is always used on this web page.
195 do_footer($style);
196 ?>

dashley@gmail.com
ViewVC Help
Powered by ViewVC 1.1.25