2006-04-26 12:28:53 +00:00
|
|
|
|
<?php
|
|
|
|
|
/*
|
|
|
|
|
$Id: m_hta.php,v 1.5 2004/11/29 17:15:37 anonymous Exp $
|
|
|
|
|
----------------------------------------------------------------------
|
|
|
|
|
AlternC - Web Hosting System
|
|
|
|
|
Copyright (C) 2002 by the AlternC Development Team.
|
|
|
|
|
http://alternc.org/
|
|
|
|
|
----------------------------------------------------------------------
|
|
|
|
|
Based on:
|
|
|
|
|
Valentin Lacambre's web hosting softwares: http://altern.org/
|
|
|
|
|
----------------------------------------------------------------------
|
|
|
|
|
LICENSE
|
|
|
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or
|
|
|
|
|
modify it under the terms of the GNU General Public License (GPL)
|
|
|
|
|
as published by the Free Software Foundation; either version 2
|
|
|
|
|
of the License, or (at your option) any later version.
|
|
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
|
|
To read the license please visit http://www.gnu.org/copyleft/gpl.html
|
|
|
|
|
----------------------------------------------------------------------
|
|
|
|
|
Original Author of file:
|
|
|
|
|
Purpose of file:
|
|
|
|
|
----------------------------------------------------------------------
|
|
|
|
|
*/
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* This class handle folder web restricted access through .htaccess/.htpassword
|
|
|
|
|
* files.
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*
|
|
|
|
|
* Copyleft {@link http://alternc.net/ AlternC Team}
|
|
|
|
|
*
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* @copyright AlternC-Team 2002-11-01 http://alternc.org/
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
class m_hta {
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/*---------------------------------------------------------------------------*/
|
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* Constructor
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*/
|
|
|
|
|
function m_webaccess() {
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2009-11-30 06:01:34 +00:00
|
|
|
|
/**
|
|
|
|
|
* Password kind used in this class (hook for admin class)
|
|
|
|
|
*/
|
|
|
|
|
function alternc_password_policy() {
|
|
|
|
|
return array("hta"=>"Protected folders passwords");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/*---------------------------------------------------------------------------*/
|
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* Create a protected folder (.htaccess et .htpasswd)
|
|
|
|
|
* @param string $dir Folder to protect (relative to user root)
|
|
|
|
|
* @return boolean TRUE if the folder has been protected, or FALSE if an error occurred
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*/
|
|
|
|
|
function CreateDir($dir) {
|
2011-06-04 12:12:17 +00:00
|
|
|
|
global $mem,$bro,$err,$L_ALTERNC_LOC;
|
2006-04-26 12:28:53 +00:00
|
|
|
|
$err->log("hta","createdir",$dir);
|
|
|
|
|
$absolute=$bro->convertabsolute($dir,0);
|
|
|
|
|
if (!$absolute) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
if (!file_exists($absolute)) {
|
2011-06-04 14:28:57 +00:00
|
|
|
|
@mkdir($absolute,00777);
|
2006-04-26 12:28:53 +00:00
|
|
|
|
}
|
|
|
|
|
if (!file_exists("$absolute/.htaccess")) {
|
2011-06-04 14:28:57 +00:00
|
|
|
|
if (!@touch("$absolute/.htaccess")) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",_("File already exist"));
|
2011-06-04 14:28:57 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
$file = @fopen("$absolute/.htaccess","r+");
|
|
|
|
|
if (!$file) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",_("File already exist"));
|
2011-06-04 14:28:57 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
2006-04-26 12:28:53 +00:00
|
|
|
|
fseek($file,0);
|
2013-02-05 17:39:34 +00:00
|
|
|
|
$param="AuthUserFile \"$absolute/.htpasswd\"\nAuthName \""._("Restricted area")."\"\nAuthType Basic\nrequire valid-user\n";
|
2006-04-26 12:28:53 +00:00
|
|
|
|
fwrite($file, $param);
|
|
|
|
|
fclose($file);
|
|
|
|
|
}
|
|
|
|
|
if (!file_exists("$absolute/.htpasswd")) {
|
2011-06-04 14:28:57 +00:00
|
|
|
|
if (!touch("$absolute/.htpasswd")) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",_("File already exist"));
|
2011-06-04 14:28:57 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/*---------------------------------------------------------------------------*/
|
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* Returns the list of all user folder currently protected by a .htpasswd file
|
|
|
|
|
* @return array Array containing user folder list
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*/
|
|
|
|
|
|
2012-05-25 13:08:44 +00:00
|
|
|
|
function ListDir(){
|
2013-01-23 13:34:01 +00:00
|
|
|
|
global$err,$mem,$L_ALTERNC_LOC;
|
|
|
|
|
$err->log("hta","listdir");
|
|
|
|
|
$sortie=array();
|
|
|
|
|
$absolute="$L_ALTERNC_LOC/html/".substr($mem->user["login"],0,1)."/".$mem->user["login"];
|
|
|
|
|
exec("find $absolute -name .htpasswd|sort",$sortie);
|
|
|
|
|
if(!count($sortie)){
|
|
|
|
|
$err->raise("hta",_("No protected folder"));
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
$pattern="/^".preg_quote($L_ALTERNC_LOC,"/")."\/html\/.\/[^\/]*\/(.*)\/\.htpasswd/";
|
|
|
|
|
for($i=0;$i<count($sortie);$i++){
|
|
|
|
|
preg_match($pattern,$sortie[$i],$matches);
|
|
|
|
|
$tmpm=isset($matches[1])?$matches[1]:'';
|
|
|
|
|
$r[$i]=$tmpm."/";
|
|
|
|
|
}
|
|
|
|
|
return $r;
|
2012-05-25 13:08:44 +00:00
|
|
|
|
}
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/*---------------------------------------------------------------------------*/
|
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* Tells if a folder is protected.
|
|
|
|
|
* @param string $dir Folder to check
|
|
|
|
|
* @return TRUE if the folder is protected, or FALSE if it is not
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*/
|
|
|
|
|
function is_protected($dir){
|
2011-06-04 12:12:17 +00:00
|
|
|
|
global $mem,$err,$L_ALTERNC_LOC;
|
2006-04-26 12:28:53 +00:00
|
|
|
|
$err->log("hta","is_protected",$dir);
|
2011-06-04 12:12:17 +00:00
|
|
|
|
$absolute="$L_ALTERNC_LOC/html/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
|
2006-04-26 12:28:53 +00:00
|
|
|
|
$sortie=array();
|
|
|
|
|
if (file_exists("$absolute/.htpasswd")){
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/*---------------------------------------------------------------------------*/
|
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* Returns the list of login for a protected folder.
|
|
|
|
|
* @param string $dir The folder to lookup (relative to user root)
|
|
|
|
|
* @return array An array containing the list of logins from the .htpasswd file, or FALSE
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*/
|
|
|
|
|
function get_hta_detail($dir) {
|
2011-06-04 12:12:17 +00:00
|
|
|
|
global $mem,$err,$L_ALTERNC_LOC;
|
2006-04-26 12:28:53 +00:00
|
|
|
|
$err->log("hta","get_hta_detail");
|
2011-06-04 12:12:17 +00:00
|
|
|
|
$absolute="$L_ALTERNC_LOC/html/".substr($mem->user["login"],0,1)."/".$mem->user["login"]."/$dir";
|
2006-04-26 12:28:53 +00:00
|
|
|
|
if (file_exists("$absolute/.htaccess")) {
|
|
|
|
|
/* if (!_reading_htaccess($absolute)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
*/ }
|
2009-11-30 05:02:53 +00:00
|
|
|
|
$file = @fopen("$absolute/.htpasswd","r");
|
2006-04-26 12:28:53 +00:00
|
|
|
|
$i=0;
|
|
|
|
|
$res=array();
|
2009-11-30 05:02:53 +00:00
|
|
|
|
if (!$file) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2006-04-26 12:28:53 +00:00
|
|
|
|
// TODO: Tester la validit<69> du .htpasswd
|
|
|
|
|
while (!feof($file)) {
|
|
|
|
|
$s=fgets($file,1024);
|
|
|
|
|
$t=explode(":",$s);
|
|
|
|
|
if ($t[0]!=$s) {
|
|
|
|
|
$res[$i]=$t[0];
|
|
|
|
|
$i=$i+1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
fclose($file);
|
|
|
|
|
return $res;
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/*---------------------------------------------------------------------------*/
|
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* Unprotect a folder
|
|
|
|
|
* @param string $dir Folder to unprotect, relative to user root
|
|
|
|
|
* @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*/
|
|
|
|
|
function DelDir($dir) {
|
|
|
|
|
global $mem,$bro,$err;
|
|
|
|
|
$err->log("hta","deldir",$dir);
|
|
|
|
|
$dir=$bro->convertabsolute($dir,0);
|
|
|
|
|
if (!$dir) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",printf(("The folder '%s' does not exist"),$dir));
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
2012-05-25 13:08:44 +00:00
|
|
|
|
if (!@unlink("$dir/.htaccess")) {
|
2012-10-18 07:52:54 +00:00
|
|
|
|
$err->raise("hta",printf(_("I cannot delete the file '%s/.htaccess'"),$dir));
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
2012-05-25 13:08:44 +00:00
|
|
|
|
if (!@unlink("$dir/.htpasswd")) {
|
2012-10-18 07:52:54 +00:00
|
|
|
|
$err->raise("hta",printf(_("I cannot delete the file '%s/.htpasswd'"),$dir));
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/*---------------------------------------------------------------------------*/
|
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* Add a user to a protected folder
|
|
|
|
|
* @param string $login The user login to add
|
|
|
|
|
* @param string $password The password to add (cleartext)
|
|
|
|
|
* @param string $dir The folder we add it to (relative to user root).
|
|
|
|
|
* @return boolean TRUE if the user has been added, or FALSE if an error occurred
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*/
|
|
|
|
|
function add_user($user,$password,$dir) {
|
2009-11-30 06:01:34 +00:00
|
|
|
|
global $err, $bro, $admin;
|
2006-04-26 12:28:53 +00:00
|
|
|
|
$err->log("hta","add_user",$user."/".$dir);
|
2013-01-31 17:17:18 +00:00
|
|
|
|
if (empty($user)) {
|
|
|
|
|
$err->raise('hta',_("Please enter a user"));
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
if (empty($password)) {
|
|
|
|
|
$err->raise('hta',_("Please enter a password"));
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2006-04-26 12:28:53 +00:00
|
|
|
|
$absolute=$bro->convertabsolute($dir,0);
|
|
|
|
|
if (!file_exists($absolute)) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",printf(("The folder '%s' does not exist"),$dir));
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
if (checkloginmail($user)){
|
2009-11-30 06:01:34 +00:00
|
|
|
|
// Check this password against the password policy using common API :
|
|
|
|
|
if (is_callable(array($admin,"checkPolicy"))) {
|
|
|
|
|
if (!$admin->checkPolicy("hta",$user,$password)) {
|
|
|
|
|
return false; // The error has been raised by checkPolicy()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
$file = @fopen("$absolute/.htpasswd","a+");
|
|
|
|
|
if (!$file) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",_("File already exist"));
|
2009-11-30 05:02:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
2006-04-26 12:28:53 +00:00
|
|
|
|
fseek($file,0);
|
|
|
|
|
while (!feof($file)) {
|
|
|
|
|
$s=fgets($file,1024);
|
|
|
|
|
$t=explode(":",$s);
|
|
|
|
|
if ($t[0]==$user) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",printf(_("The user '%s' already exist for this folder"),$user));
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
fseek($file,SEEK_END);
|
2013-01-31 17:00:39 +00:00
|
|
|
|
if ( empty($t[1]) || substr($t[1],-1)!="\n") {
|
2006-04-26 12:28:53 +00:00
|
|
|
|
fwrite($file,"\n");
|
|
|
|
|
}
|
|
|
|
|
fwrite($file, "$user:"._md5cr($password)."\n");
|
|
|
|
|
fclose($file);
|
|
|
|
|
return true;
|
|
|
|
|
} else {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",_("Please enter a valid username"));
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/*---------------------------------------------------------------------------*/
|
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* Delete a user from a protected folder.
|
|
|
|
|
* @param array $lst An array with login to delete.
|
|
|
|
|
* @param string $dir The folder, relative to user root, where we want to delete users.
|
|
|
|
|
* @return boolean TRUE if users has been deleted, or FALSE if an error occurred.
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*/
|
|
|
|
|
function del_user($lst,$dir) {
|
|
|
|
|
global $bro,$err;
|
|
|
|
|
$err->log("hta","del_user",$lst."/".$dir);
|
|
|
|
|
$absolute=$bro->convertabsolute($dir,0);
|
|
|
|
|
if (!file_exists($absolute)) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
touch("$absolute/.htpasswd.new");
|
|
|
|
|
$file = fopen("$absolute/.htpasswd","r");
|
|
|
|
|
$newf = fopen("$absolute/.htpasswd.new","a");
|
2009-11-30 05:02:53 +00:00
|
|
|
|
if (!$file || !$newf) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",_("File already exist"));
|
2009-11-30 05:02:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
2006-04-26 12:28:53 +00:00
|
|
|
|
reset($lst);
|
|
|
|
|
fseek($file,0);
|
|
|
|
|
while (!feof($file)) {
|
|
|
|
|
$s=fgets($file,1024);
|
|
|
|
|
$t=explode(":",$s);
|
|
|
|
|
if (!in_array($t[0],$lst) && ($t[0]!="\n")) {
|
|
|
|
|
fseek($newf,0);
|
|
|
|
|
fwrite($newf, "$s");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
fclose($file);
|
|
|
|
|
fclose($newf);
|
|
|
|
|
unlink("$absolute/.htpasswd");
|
|
|
|
|
rename("$absolute/.htpasswd.new", "$absolute/.htpasswd");
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/*---------------------------------------------------------------------------*/
|
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* Change the password of a user in a protected folder
|
|
|
|
|
* @param string $user The users whose password should be changed
|
|
|
|
|
* @param string $newpass The new password of this user
|
|
|
|
|
* @param string $dir The folder, relative to user root, in which we will change a password
|
|
|
|
|
* @return boolean TRUE if the password has been changed, or FALSE if an error occurred
|
2006-04-26 12:28:53 +00:00
|
|
|
|
*/
|
|
|
|
|
function change_pass($user,$newpass,$dir) {
|
2009-11-30 06:01:34 +00:00
|
|
|
|
global $bro,$err,$admin;
|
2006-04-26 12:28:53 +00:00
|
|
|
|
$err->log("hta","change_pass",$user."/".$dir);
|
|
|
|
|
$absolute=$bro->convertabsolute($dir,0);
|
|
|
|
|
if (!file_exists($absolute)) {
|
2012-08-26 13:39:28 +00:00
|
|
|
|
$err->raise("hta",printf(_("The folder '%s' does not exist"),$dir));
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
2009-11-30 06:01:34 +00:00
|
|
|
|
|
|
|
|
|
// Check this password against the password policy using common API :
|
|
|
|
|
if (is_callable(array($admin,"checkPolicy"))) {
|
2012-05-25 13:08:44 +00:00
|
|
|
|
if (!$admin->checkPolicy("hta",$user,$newpass)) {
|
2009-11-30 06:01:34 +00:00
|
|
|
|
return false; // The error has been raised by checkPolicy()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
touch("$absolute/.htpasswd.new");
|
|
|
|
|
$file = fopen("$absolute/.htpasswd","r");
|
|
|
|
|
$newf = fopen("$absolute/.htpasswd.new","a");
|
2009-11-30 05:02:53 +00:00
|
|
|
|
if (!$file || !$newf) {
|
2012-08-26 13:31:38 +00:00
|
|
|
|
$err->raise("hta",_("File already exist"));
|
2009-11-30 05:02:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
2006-04-26 12:28:53 +00:00
|
|
|
|
while (!feof($file)) {
|
|
|
|
|
$s=fgets($file,1024);
|
|
|
|
|
$t=explode(":",$s);
|
|
|
|
|
if ($t[0]!=$user) {
|
|
|
|
|
fwrite($newf, "$s");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
fwrite($newf, "$user:"._md5cr($newpass)."\n");
|
|
|
|
|
fclose($file);
|
|
|
|
|
fclose($newf);
|
|
|
|
|
unlink("$absolute/.htpasswd");
|
|
|
|
|
rename("$absolute/.htpasswd.new", "$absolute/.htpasswd");
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
|
2006-04-26 12:28:53 +00:00
|
|
|
|
/*---------------------------------------------------------------------------*/
|
|
|
|
|
/**
|
2009-11-30 05:02:53 +00:00
|
|
|
|
* Check that a .htaccess file is valid (for authentication)
|
|
|
|
|
* @param string $absolute Folder we want to check (relative to user root)
|
|
|
|
|
* @return boolean TRUE is the .htaccess is protecting this folder, or FALSE else
|
2006-04-26 12:28:53 +00:00
|
|
|
|
* @access private
|
|
|
|
|
*/
|
|
|
|
|
function _reading_htaccess($absolute) {
|
|
|
|
|
global $err;
|
|
|
|
|
$err->log("hta","_reading_htaccess",$absolute);
|
|
|
|
|
$file = fopen("$absolute/.htaccess","r+");
|
|
|
|
|
$lignes=array(1,1,1);
|
|
|
|
|
$errr=0;
|
2009-11-30 05:02:53 +00:00
|
|
|
|
if (!$file) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2006-04-26 12:28:53 +00:00
|
|
|
|
while (!feof($file) && !$errr) {
|
|
|
|
|
$s=fgets($file,1024);
|
2006-05-16 19:42:25 +00:00
|
|
|
|
if (substr($s,0,12)!="RewriteCond " && substr($s,0,14)!="ErrorDocument " && substr($s,0,12)!="RewriteRule " && substr($s,0,14)!="RewriteEngine " && trim($s)!="") {
|
2006-04-26 12:28:53 +00:00
|
|
|
|
$errr=1;
|
|
|
|
|
}
|
|
|
|
|
if (strtolower(trim($s))==strtolower("authuserfile $absolute/.htpasswd")) {
|
|
|
|
|
$lignes[0]=0;
|
|
|
|
|
$errr=0;
|
|
|
|
|
} // authuserfile
|
|
|
|
|
if (strtolower(trim($s))=="require valid-user") {
|
|
|
|
|
$lignes[1]=0;
|
|
|
|
|
$errr=0;
|
|
|
|
|
} //require
|
|
|
|
|
if (strtolower(trim($s))=="authtype basic") {
|
|
|
|
|
$lignes[2]=0;
|
|
|
|
|
$errr=0;
|
|
|
|
|
} //authtype
|
|
|
|
|
} // Reading config file
|
|
|
|
|
fclose($file);
|
2012-10-18 07:52:54 +00:00
|
|
|
|
if ($errr || in_array(0,$lignes)) {
|
|
|
|
|
$err->raise("hta",_("An incompatible .htaccess file exists in this folder"));
|
2006-04-26 12:28:53 +00:00
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2009-11-30 05:02:53 +00:00
|
|
|
|
} /* CLASS m_hta */
|
|
|
|
|
|
|
|
|
|
|