/[dtapublic]/sf_code/esrgweba/htdocs/phpcgibin/htpasswd_gen.php
ViewVC logotype

Annotation of /sf_code/esrgweba/htdocs/phpcgibin/htpasswd_gen.php

Parent Directory Parent Directory | Revision Log Revision Log


Revision 23 - (hide annotations) (download)
Sat Oct 8 06:11:57 2016 UTC (8 years, 2 months ago) by dashley
File size: 7460 byte(s)
Initial commit.
1 dashley 23 <?php
2     if (!$STDNWPSTYLE_INCLUDED)
3     {
4     include("stdnwpstyle.inc");
5     $STDNWPSTYLE_INCLUDED=1;
6     }
7     ?>
8     <?php
9     //********************************************************************************
10     //Copyright (C) 2003 David T. Ashley
11     //********************************************************************************
12     //This program or source file is free software; you can redistribute it and/or
13     //modify it under the terms of the GNU General Public License as published by
14     //the Free Software Foundation; either version 2 of the License, or (at your
15     //option) any later version.
16     //
17     //This program or source file is distributed in the hope that it will
18     //be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
19     //MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20     //GNU General Public License for more details.
21     //
22     //You may have received a copy of the GNU General Public License
23     //along with this program; if not, write to the Free Software
24     //Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25     //********************************************************************************
26     //
27     function do_header(&$style)
28     {
29     $style->header_title("HTPASSWD-Style Hashed Password Generator",
30     "<i>htpasswd</i>-Style Hashed Password Generator",
31     "");
32     echo "<p align=\"center\"><b><font size=\"3\">(This cgi-bin form generates password hashes which are \n";
33     echo "understood by the <i>Apache</i> web server in directory access files and also by \n";
34     echo "the <i>CVS</i> version control system when such entries are placed in the \n";
35     echo "<i>CVSROOT/passwd</i> file. &nbsp;The algorithm used is the standard DES algorithm with \n";
36     echo "randomly selected two-character salt. &nbsp;To use this password hash generator, \n";
37     echo "you must normally paste the output into an <i>Apache</i> directory access file or into \n";
38     echo "the <i>CVSROOT/passwd</i> file of a <i>CVS</i> repository.)</font></b></p>\n";
39     $style->hrule_std();
40     echo "<p align=\"center\"><font size=\"3\" color=\"#FF0000\"><b>WARNING:</b>&nbsp; The username and ";
41     echo "password you choose are ";
42     echo "transmitted over the network to the server unencrypted and can be intercepted.&nbsp; ";
43     echo "Use this utility ";
44     echo "at your own risk.</font></p>\n";
45     $style->hrule_std();
46     }
47    
48     function do_footer(&$style)
49     {
50     $style->footer_std();
51     }
52    
53     function do_form($Buttontext)
54     {
55     echo "<form method=post action=\"htpasswd_gen.php\" width=\"100%\">\n";
56     echo "<table align=\"center\">\n";
57     echo "<tr>\n";
58     echo " <td width=\"10%\">\n";
59     echo " <p align=\"right\"><b>Username</b> (required):</td>\n";
60     echo " <td width=\"12%\"><p align=\"left\"><input type=\"text\" name=\"Username\" size=\"30\"></p></td>\n";
61     echo " </tr>\n";
62     echo " <tr>\n";
63     echo " <td width=\"10%\">\n";
64     echo " <p align=\"right\"><b>Password</b> (required):</td>\n";
65     echo " <td width=\"12%\"><p align=\"left\"><input type=\"Password\" name=\"Password\" size=\"30\"></p></td>\n";
66     echo " </tr>\n";
67     echo " <tr>\n";
68     echo " <td width=\"20%\" colspan=\"2\">\n";
69     echo " <p align=\"center\"><input type=\"submit\" value=\"";
70     echo $Buttontext;
71     echo "\" name=\"B1\" style=\"margin-top: 12\"></td>\n";
72     echo " </tr>\n";
73     echo "</table>\n";
74     echo "</form>\n";
75     }
76    
77     function do_err_msg($Err_msg)
78     {
79     echo "<p align=\"center\"><b><font color=\"#FF0000\">";
80     echo $Err_msg;
81     echo "</font></b></p>\n";
82     }
83    
84     function random_salt()
85     {
86     //There are 64 possible values for each salt character, a-z, A-Z, 0-9, ., and /.
87     //Can easily generate a suitably random value.
88     $Matchstring = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
89     $Rand1 = rand(0,63);
90     $Rand2 = rand(0,63);
91     return(Substr($Matchstring, $Rand1, 1) . Substr($Matchstring, $Rand2, 1));
92     }
93    
94     //Main script begins here.
95     //
96     //
97     $style = new Stdnwpstyle;
98     //Assign the current style in force. Also, starts the CPU
99     //usage clock.
100    
101     //Do the header unconditionally. The header is always used on this page.
102     do_header($style);
103     //
104     //Load up a few variables based on what username and password values were supplied.
105     if (isset($Username) && isset($Password))
106     {
107     $Usernamelen = strlen($Username);
108     $Usernamevalid = 1;
109     for ($i=0; $i<$Usernamelen; $i++)
110     {
111     $Curchar = Substr($Username, $i, 1);
112     $Ord = ord($Curchar);
113     if (!
114     (
115     ($Ord >= ord("A") && $Ord <= ord("Z"))
116     ||
117     ($Ord >= ord("a") && $Ord <= ord("z"))
118     ||
119     ($Ord >= ord("0") && $Ord <= ord("9"))
120     )
121     )
122     {
123     $Usernamevalid = 0;
124     }
125     }
126    
127     $Passwordlen = strlen($Password);
128     $Passwordvalid = 1;
129     for ($i=0; $i<$Passwordlen; $i++)
130     {
131     $Curchar = Substr($Password, $i, 1);
132     $Ord = ord($Curchar);
133     if (!
134     (
135     ($Ord >= ord("A") && $Ord <= ord("Z"))
136     ||
137     ($Ord >= ord("a") && $Ord <= ord("z"))
138     ||
139     ($Ord >= ord("0") && $Ord <= ord("9"))
140     ||
141     ($Ord == ord("/"))
142     ||
143     ($Ord == ord("."))
144     )
145     )
146     {
147     $Passwordvalid = 0;
148     }
149     }
150    
151     }
152     //
153     //There are a few cases to break into here, and this affects the overall layout of the page.
154     //The header and footer are fixed, but the "guts" will change.
155     if (!isset($Username) || !isset($Password))
156     {
157     //In this case, we are probably visiting the form for the first time, and have not done a submit.
158     //Just display the form itself.
159     do_form("Click To Generate Hashed Password");
160     }
161     elseif ($Usernamelen < 1 || !$Usernamevalid)
162     {
163     //The user name is suspicious. Must flag it.
164     do_err_msg("The <i>Username</i> you supplied is not valid. &nbsp;User names must contain at least one character and may consist only of lower-case and upper-case letters and digits. &nbsp;Please try again.");
165     $style->hrule_std();
166     do_form("Click To Generate Hashed Password");
167     }
168     elseif ($Passwordlen < 2 || !$Passwordvalid)
169     {
170     //The password is suspicious. Must flag it.
171     do_err_msg("The <i>Password</i> you supplied is not valid. &nbsp;Passwords must contain at least two characters and may consist only of lower-case and upper-case letters and digits and the \"/\" and \".\" characters. &nbsp;Please try again.");
172     $style->hrule_std();
173     do_form("Click To Generate Hashed Password");
174     }
175     else
176     {
177     //Username and password seem within minimums. Should be clear to generate hashed password.
178     $Hashedpwd = crypt($Password, random_salt());
179     echo "<p align=\"left\">The hashed username/password is:</p>\n";
180     echo "<p align=\"left\"><font size=\"5\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>";
181     echo $Username;
182     echo ":";
183     echo $Hashedpwd;
184     echo "</b></font></p>\n";
185     echo "<p align=\"left\">You may paste this value directly into an <i>Apache</i> directory \n";
186     echo "access file or <i>CVS</i> <i>CVSROOT/passwd</i> file. Note that if the period (\".\") \n";
187     echo "character or other punctuation appears as the last character(s) of the hash above, \n";
188     echo "it <i>is</i> part of the hash and \n";
189     echo "must be included when copying and pasting.</p>\n";
190     $style->hrule_std();
191     do_form("Click To Generate Another Hashed Password");
192     }
193    
194     //Now do the footer unconditionally. The footer is always used on this web page.
195     do_footer($style);
196     ?>

dashley@gmail.com
ViewVC Help
Powered by ViewVC 1.1.25