classe hta & fichiers section admin associés

quenenni 2017-08-16 19:34:32 +02:00
parent 6f30c8bac4
commit 991b4b48e3
11 changed files with 117 additions and 131 deletions


@ -30,10 +30,12 @@
require_once("../class/config.php");
include_once("head.php");
$fields = array (
"dir" => array ("request", "string", ""),
);
getFields($fields);
if (!isset($is_include)) {
$fields = array (
"dir" => array ("request", "string", ""),
);
getFields($fields);
}
?>
<h3><?php __("Protect a folder"); ?></h3>
@ -43,11 +45,8 @@ getFields($fields);
<?php __("Enter the name of the folder you want to protect. It must already exists."); ?>
</p>
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
include_once("foot.php");
exit;
} ?>
echo $msg->msg_html_all();
?>
<form method="post" action="hta_doadd.php" name="main" id="main">
<?php csrf_get(); ?>
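Review bot: The new `if (!isset($is_include))` guard at the top of this file depends on a flag that is set in a different script, and nothing here documents that. The only setter visible in this commit is the handler that runs `$is_include=true; include("hta_add.php");` after `CreateDir()` fails, where `$dir` is expected to be populated already by that handler's own `getFields()` call. I would add a comment above the guard, such as `// $is_include is set by the including handler, which has already parsed $dir; do not re-parse the request`. The same undocumented guard is added in the later section that renders the list of authorized users.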


@ -39,9 +39,10 @@ getFields($fields);
?>
<h3><?php printf(_("Adding a username in %s"),$dir); ?></h3>
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['hta']['classcount'];
?>
<form method="post" action="hta_doadduser.php" name="main" id="main" autocomplete="off">
@ -61,7 +62,7 @@ getFields($fields);
</tr>
<tr>
<th><label for="password"><?php __("Password"); ?></label></th>
<td><input type="password" class="int" name="password" autocomplete="off" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf"); ?></td>
<td><input type="password" class="int" name="password" autocomplete="off" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf",$passwd_classcount); ?></td>
</tr>
<tr>
<th><label for="passwordconf"><?php __("Confirm password"); ?></label></th>
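Review bot: `$passwd_classcount = $c['hta']['classcount'];` indexes the result of `$admin->listPasswordPolicies()` without checking that an `hta` entry exists. `listPasswordPolicies()` is not shown on this page, so if it can return an array without that key, this line emits a notice and `display_div_generate_password()` receives null as its new fourth argument. A guarded read such as `$passwd_classcount = isset($c['hta']['classcount']) ? $c['hta']['classcount'] : 0;` would make the fallback explicit; the default of 0 is my assumption and should match whatever the generator treats as "no class requirement". The same two lines are added in the user-list section and the edit-user section further down.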


@ -29,18 +29,14 @@
*/
require_once("../class/config.php");
$error="";
// On parcours les POST_VARS et on repere les del_.
reset($_POST);
while (list($key,$val)=each($_POST)) {
if (substr($key,0,4)=="del_") {
// Effacement du dossier $val
// $r=$hta->DelDir($val);
$return = $hta->DelDir($val);
if (!$return) {
$error.= $err->errstr()."<br />";
} else {
$error.= sprintf(_("The protected folder %s has been successfully unprotected"),$val)."<br />";
if ($return) {
$msg->raise("Ok", "hta",_("The protected folder %s has been successfully unprotected"),$val);
}
}
}
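Review bot: `$msg->raise("Ok", "hta",_("The protected folder %s has been successfully unprotected"),$val);` formats `$val`, which is read straight from `$_POST`, into a message that the pages in this commit later print with `echo $msg->msg_html_all();`. The `m_messages` class is not part of this page, so whether the substituted argument is HTML-escaped on output cannot be confirmed here; if it is not, request data reaches the page unescaped. Please confirm the escaping and record it next to the call, e.g. `// $val is request data: m_messages must HTML-escape arguments on output`. The same applies to the other `raise()` calls in this commit that pass `$dir`, `$user` or `$v`. The enclosing `while` loop starts before the changed lines and is otherwise untouched.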


@ -36,18 +36,13 @@ $fields = array (
getFields($fields);
if(empty($dir)) {
$error=_("No directory specified");
$msg->raise("Error", "hta", _("No directory specified"));
include("hta_list.php");
exit();
}
if(!$hta->CreateDir($dir)) {
$error=$err->errstr();
} else if(!$hta->CreateDir($dir)) {
$is_include=true;
include("hta_add.php");
exit();
} else {
$msg->raise("Ok", "hta", _("Folder %s is protected"), $dir); // à traduire
include("hta_list.php");
}
include("hta_list.php");
exit();
?>


@ -38,15 +38,15 @@ getFields($fields);
if ($password != $passwordconf) {
$error = _("Passwords do not match");
$msg->raise("Error", "hta", _("Passwords do not match"));
include("hta_adduser.php");
exit();
}
if (!$hta->add_user($user, $password, $dir)) {
$error=$err->errstr();
include ("hta_adduser.php");
} else {
} else {
$msg->raise("Ok", "hta", _("The user %s was added to th protected folder %s"), array($user, $dir)); // à traduire
include ("hta_edit.php");
}
?>
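Review bot: The confirmation check `if ($password != $passwordconf)` uses a loose comparison, so two different numeric-looking strings (PHP treats `"1e3"` and `"1000"` as equal under `!=`) pass as a match and `add_user()` is then called with `$password` alone. The line appears to be unchanged context, but since the commit rewrites this branch it is a good moment to make it `if ($password !== $passwordconf) {`; the password-change handler further down has the same test on `$newpass` and `$newpassconf`. Separately, the new msgid carries a typo that translators will inherit: `"The user %s was added to th protected folder %s"` should read `the protected folder`.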


@ -38,10 +38,13 @@ getFields($fields);
if (!empty($confirm_del)) {
reset($d);
if (!$hta->del_user($d,$dir)) {
$error=$err->errstr();
if ($hta->del_user($d,$dir)) {
foreach ($d as $v) {
$msg->raise("Ok", "hta", _("The user '%s' was successfully deleted"), $v); // à traduire
}
}
header ('Location: /hta_edit.php?dir='.urlencode($dir));
$is_include=true;
include_once("hta_edit.php");
exit();
}
include_once('head.php');
@ -52,7 +55,7 @@ include_once('head.php');
<?php __("Do you really want to delete those users ?");?>
<ul>
<?php foreach($d as $t) {
echo "<li>".ehe($t,false)."</li>\n";
echo "<li><b>".ehe($t,false)."</b></li>\n";
} ?>
</ul>
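Review bot: After a confirmed deletion this branch renders `hta_edit.php` inside the same POST response (`$is_include=true; include_once("hta_edit.php");`) where the previous version appears to have sent a `Location:` redirect, so reloading the result page re-submits the deletion form. Whether that replay is harmless depends on how the token emitted by `csrf_get()` is validated, which is not visible here. If messages raised through `$msg` survive a redirect (not shown on this page), keeping the redirect after `del_user()` would preserve post/redirect/get behaviour; otherwise a short comment explaining why the include is required would help the next reader. The rest of the file lies outside the two hunks shown.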


@ -39,26 +39,16 @@ $fields = array (
getFields($fields);
if ($newpass != $newpassconf) {
$error = _("Passwords do not match");
$msg->raise("Error", "hta", _("Passwords do not match"));
include("hta_edituser.php");
exit();
}
if (!$hta->change_pass($user,$newpass,$dir)) {
$error=$err->errstr();
if ($hta->change_pass($user,$newpass,$dir)) {
$msg->raise("Ok", "hta", _("The password of the user %s has been successfully changed"), $user);
$is_include=true;
include_once("hta_edit.php");
} else {
include("hta_edituser.php");
}
?>
<h3><?php printf(_("Change the user %s in the protected folder %s"),$user,$dir); ?></h3>
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
else {
echo "<p>".sprintf(_("The password of the user %s has been successfully changed"),$user)."</p>";
}
echo "<p><span class=\"ina\"><a href=\"hta_edit.php?dir=$dir\">"._("Click here to continue")."</a></span></p>";
?>
<?php include_once("foot.php"); ?>


@ -30,10 +30,12 @@
require_once("../class/config.php");
include_once("head.php");
$fields = array (
if (!isset($is_include)) {
$fields = array (
"dir" => array ("request", "string", ""),
);
getFields($fields);
);
getFields($fields);
}
if (!$dir) {
echo "<p class=\"alert alert-warning\">"._("No folder selected!")."</p>";
@ -41,20 +43,22 @@ if (!$dir) {
die();
} else {
$r=$hta->get_hta_detail($dir);
if (!$r) {
$error=$err->errstr();
}
} // if !$dir
$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['hta']['classcount'];
?>
<h3><?php printf(_("List of authorized user in folder %s"),$dir); ?></h3>
<hr id="topbar"/>
<br />
<?php
if (!count($r)) {
echo "<p class=\"alert alert-warning\">".sprintf(_("No authorized user in %s"),$dir)."</p>";
$msg->raise("Info", "hta", _("No authorized user in %s"),$dir);
echo $msg->msg_html_all();
} else {
reset($r);
reset($r);
echo $msg->msg_html_all();
?>
<form method="post" action="hta_dodeluser.php">
<?php csrf_get(); ?>
@ -108,7 +112,7 @@ for($i=0;$i<count($r);$i++){ ?>
</tr>
<tr>
<th><label for="password"><?php __("Password"); ?></label></th>
<td><input type="password" class="int" name="password" autocomplete="off" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf"); ?></td>
<td><input type="password" class="int" name="password" autocomplete="off" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf",$passwd_classcount); ?></td>
</tr>
<tr>
<th><label for="passwordconf"><?php __("Confirm password"); ?></label></th>
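Review bot: `if (!count($r))` is now the only test on the result of `$hta->get_hta_detail($dir)`, and the class docblock in this commit describes that method as returning an array "or FALSE". With the earlier `if (!$r)` branch apparently dropped, a `false` return reaches `count()`, which warns on PHP 7.2 and later and throws a TypeError on PHP 8; on older versions it yields 1, so the `for($i=0;$i<count($r);$i++)` loop runs over a non-array. Testing the type first, `if (!is_array($r) || !count($r)) {`, keeps the "No authorized user" path for both cases. The else branch and the loop continue outside the visible hunks.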


@ -36,12 +36,17 @@ $fields = array (
);
getFields($fields);
$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['hta']['classcount'];
?>
<h3><?php printf(_("Editing user %s in the protected folder %s"),$user,$dir); ?></h3>
<hr id="topbar"/>
<br />
<?php if (!empty($error) ) { echo "<p class=\"alert alert-danger\">$error</p>"; } ?>
<?php
echo $msg->msg_html_all();
?>
<form method="post" action="hta_doedituser.php" name="main" id="main" autocomplete="off">
<?php csrf_get(); ?>
@ -63,7 +68,7 @@ getFields($fields);
</tr>
<tr>
<th><label for="newpass"><?php __("New password"); ?></label></th>
<td><input type="password" class="int" name="newpass" autocomplete="off" id="newpass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","#newpassconf"); ?></td>
<td><input type="password" class="int" name="newpass" autocomplete="off" id="newpass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","#newpassconf",$passwd_classcount); ?></td>
</tr>
<tr>
<th><label for="newpassconf"><?php __("Confirm password"); ?></label></th>


@ -30,10 +30,8 @@
require_once("../class/config.php");
include_once("head.php");
if (!$r=$hta->ListDir()) {
$error=$err->errstr();
} else {
reset($r);
if ($r=$hta->ListDir()) {
reset($r);
}
?>
@ -41,17 +39,15 @@ if (!$r=$hta->ListDir()) {
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
if (!is_array($r)) {
echo "<p><span class=\"ina\"><a href=\"hta_add.php\">"._("Protect a folder")."</a></span><br />";
$mem->show_help("hta_list");
echo "</p>";
include_once("foot.php");
exit();
}
if (!is_array($r)) {
echo "<p><span class=\"ina\"><a href=\"hta_add.php\">"._("Protect a folder")."</a></span><br />";
$mem->show_help("hta_list");
echo "</p>";
include_once("foot.php");
exit();
}
?>


@ -78,29 +78,26 @@ class m_hta {
*
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @global m_messages $msg
* @param string $dir
* @return boolean
*/
function CreateDir($dir) {
global $bro, $err;
$err->log("hta", "createdir", $dir);
global $bro, $msg;
$msg->log("hta", "createdir", $dir);
$absolute = $bro->convertabsolute($dir, 0);
if (!$absolute) {
$err->raise("hta", printf(_("The folder '%s' does not exist"), $dir));
if (!is_dir($absolute)) {
$msg->raise('Error', "hta", _("The folder '%s' does not exist"), $dir);
return false;
}
if (!file_exists($absolute)) {
@mkdir($absolute, 00777);
}
if (!file_exists("$absolute/.htaccess")) {
if (!@touch("$absolute/.htaccess")) {
$err->raise("hta", _("File already exist"));
$msg->raise('Error', "hta", _("File already exist"));
return false;
}
$file = @fopen("$absolute/.htaccess", "r+");
if (!$file) {
$err->raise("hta", _("File already exist"));
$msg->raise('Error', "hta", _("File already exist"));
return false;
}
fseek($file, 0);
@ -110,7 +107,7 @@ class m_hta {
}
if (!file_exists("$absolute/.htpasswd")) {
if (!touch("$absolute/.htpasswd")) {
$err->raise("hta", _("File already exist"));
$msg->raise('Error', "hta", _("File already exist"));
return false;
}
return true;
@ -121,18 +118,18 @@ class m_hta {
/**
* Returns the list of all user folder currently protected by a .htpasswd file
*
* @global m_err $err
* @global m_messages $msg
* @global m_mem $mem
* @return array Array containing user folder list
*/
function ListDir() {
global$err, $mem;
$err->log("hta", "listdir");
global$msg, $mem;
$msg->log("hta", "listdir");
$sortie = array();
$absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"];
exec("find " . escapeshellarg($absolute) . " -name .htpasswd|sort", $sortie);
if (!count($sortie)) {
$err->raise("hta", _("No protected folder"));
$msg->raise('Info', "hta", _("No protected folder"));
return false;
}
$pattern = "/^" . preg_quote(ALTERNC_HTML, "/") . "\/.\/[^\/]*\/(.*)\/\.htpasswd/";
@ -151,13 +148,13 @@ class m_hta {
* Tells if a folder is protected.
*
* @global m_mem $mem
* @global m_err $err
* @global m_messages $msg
* @param string $dir Folder to check
* @return boolean If the folder is protected, or FALSE if it is not
*/
function is_protected($dir) {
global $mem, $err;
$err->log("hta", "is_protected", $dir);
global $mem, $msg;
$msg->log("hta", "is_protected", $dir);
$absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"] . "/$dir";
if (file_exists("$absolute/.htpasswd")) {
return true;
@ -170,13 +167,13 @@ class m_hta {
* Returns the list of login for a protected folder.
*
* @global m_mem $mem
* @global m_err $err
* @global m_messages $msg
* @param string $dir The folder to lookup (relative to user root)
* @return array An array containing the list of logins from the .htpasswd file, or FALSE
*/
function get_hta_detail($dir) {
global $mem, $err;
$err->log("hta", "get_hta_detail");
global $mem, $msg;
$msg->log("hta", "get_hta_detail");
$absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"] . "/$dir";
if (file_exists("$absolute/.htaccess")) {
/* if (!_reading_htaccess($absolute)) {
@ -208,22 +205,22 @@ class m_hta {
*
* @global m_mem $mem
* @global m_bro $bro
* @global m_err $err
* @global m_messages $msg
* @param string $dir Folder to unprotect, relative to user root
* @param boolean $skip For testing purpose mainly, skips the full user path search
* @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred
*/
function DelDir($dir, $skip = false) {
global $bro, $err;
$err->log("hta", "deldir", $dir);
global $bro, $msg;
$msg->log("hta", "deldir", $dir);
$dir = $bro->convertabsolute($dir, $skip);
if (!$dir) {
$err->raise("hta", printf(("The folder '%s' does not exist"), $dir));
$msg->raise('Error', "hta", ("The folder '%s' does not exist"), $dir);
return false;
}
$htaccess_file = "$dir/.htaccess";
if (!is_readable($htaccess_file)) {
$err->raise("hta", printf(_("I cannot read the file '%s'"), $htaccess_file));
$msg->raise('Error', "hta", _("I cannot read the file '%s'"), $htaccess_file);
}
$fileLines = file($htaccess_file);
$patternList = array(
@ -243,21 +240,21 @@ class m_hta {
}
// If no changes
if (!$count_lines) {
$err->raise("hta", printf(_("Unexpected: No changes made to '%s'"), $htaccess_file));
$msg->raise('Alert', "hta", _("Unexpected: No changes made to '%s'"), $htaccess_file);
}
// If file is empty, remove it
if (!count($fileLines)) {
if (!unlink($htaccess_file)) {
$err->raise("hta", printf(_("I could not delete the file '%s'"), $htaccess_file));
$msg->raise('Error', "hta", _("I could not delete the file '%s'"), $htaccess_file);
}
} else {
file_put_contents($htaccess_file, implode("\n", $fileLines));
}
$htpasswd_file = "$dir/.htpasswd";
if (!is_writable($htpasswd_file)) {
$err->raise("hta", printf(_("I cannot read the file '%s'"), $htpasswd_file));
$msg->raise('Error', "hta", _("I cannot read the file '%s'"), $htpasswd_file);
} else if (!unlink($htpasswd_file)) {
$err->raise("hta", printf(_("I cannot delete the file '%s/.htpasswd'"), $dir));
$msg->raise('Error', "hta", _("I cannot delete the file '%s/.htpasswd'"), $dir);
return false;
}
@ -267,7 +264,7 @@ class m_hta {
/**
* Add a user to a protected folder
*
* @global m_err $err
* @global m_messages $msg
* @global m_bro $bro
* @global m_admin $admin
* @param string $user
@ -278,19 +275,19 @@ class m_hta {
* @return boolean TRUE if the user has been added, or FALSE if an error occurred
*/
function add_user($user, $password, $dir) {
global $err, $bro, $admin;
$err->log("hta", "add_user", $user . "/" . $dir);
global $msg, $bro, $admin;
$msg->log("hta", "add_user", $user . "/" . $dir);
if (empty($user)) {
$err->raise('hta', _("Please enter a user"));
$msg->raise('Error', 'hta', _("Please enter a user"));
return false;
}
if (empty($password)) {
$err->raise('hta', _("Please enter a password"));
$msg->raise('Error', 'hta', _("Please enter a password"));
return false;
}
$absolute = $bro->convertabsolute($dir, 0);
if (!file_exists($absolute)) {
$err->raise("hta", printf(("The folder '%s' does not exist"), $dir));
$msg->raise('Error', "hta", _("The folder '%s' does not exist"), $dir);
return false;
}
// @todo delete cf!. functions.php checkloginemail definition
@ -304,7 +301,7 @@ class m_hta {
$file = @fopen("$absolute/.htpasswd", "a+");
if (!$file) {
$err->raise("hta", _("File already exist"));
$msg->raise('Error', "hta", _("File already exist"));
return false;
}
fseek($file, 0);
@ -312,7 +309,7 @@ class m_hta {
$s = fgets($file, 1024);
$t = explode(":", $s);
if ($t[0] == $user) {
$err->raise("hta", _("The user '%s' already exist for this folder"), $user);
$msg->raise('Error', "hta", _("The user '%s' already exist for this folder"), $user);
return false;
}
}
@ -324,7 +321,7 @@ class m_hta {
fclose($file);
return true;
} else {
$err->raise("hta", _("Please enter a valid username"));
$msg->raise('Error', "hta", _("Please enter a valid username"));
return false;
}
}
@ -333,24 +330,24 @@ class m_hta {
* Delete a user from a protected folder.
*
* @global m_bro $bro
* @global m_err $err
* @global m_messages $msg
* @param array $lst An array with login to delete.
* @param string $dir The folder, relative to user root, where we want to delete users.
* @return boolean TRUE if users has been deleted, or FALSE if an error occurred.
*/
function del_user($lst, $dir) {
global $bro, $err;
$err->log("hta", "del_user", $lst . "/" . $dir);
global $bro, $msg;
$msg->log("hta", "del_user", $lst . "/" . $dir);
$absolute = $bro->convertabsolute($dir, 0);
if (!file_exists($absolute)) {
$err->raise("hta", printf(_("The folder '%s' does not exist"), $dir));
$msg->raise('Error', "hta", _("The folder '%s' does not exist"), $dir);
return false;
}
touch("$absolute/.htpasswd.new");
$file = fopen("$absolute/.htpasswd", "r");
$newf = fopen("$absolute/.htpasswd.new", "a");
if (!$file || !$newf) {
$err->raise("hta", _("File already exist"));
$msg->raise('Error', "hta", _("File already exist"));
return false;
}
reset($lst);
@ -378,11 +375,11 @@ class m_hta {
* @return boolean TRUE if the password has been changed, or FALSE if an error occurred
*/
function change_pass($user, $newpass, $dir) {
global $bro, $err, $admin;
$err->log("hta", "change_pass", $user . "/" . $dir);
global $bro, $msg, $admin;
$msg->log("hta", "change_pass", $user . "/" . $dir);
$absolute = $bro->convertabsolute($dir, 0);
if (!file_exists($absolute)) {
$err->raise("hta", printf(_("The folder '%s' does not exist"), $dir));
$msg->raise('Error', "hta", _("The folder '%s' does not exist"), $dir);
return false;
}
@ -397,7 +394,7 @@ class m_hta {
$file = fopen("$absolute/.htpasswd", "r");
$newf = fopen("$absolute/.htpasswd.new", "a");
if (!$file || !$newf) {
$err->raise("hta", _("File already exist"));
$msg->raise('Error', "hta", _("File already exist"));
return false;
}
while (!feof($file)) {
@ -418,14 +415,14 @@ class m_hta {
/**
* Check that a .htaccess file is valid (for authentication)
*
* @global m_err $err
* @global m_messages $msg
* @param type $absolute
* @param string $absolute Folder we want to check (relative to user root)
* @return boolean TRUE is the .htaccess is protecting this folder, or FALSE else
*/
private function _reading_htaccess($absolute) {
global $err;
$err->log("hta", "_reading_htaccess", $absolute);
global $msg;
$msg->log("hta", "_reading_htaccess", $absolute);
$file = fopen("$absolute/.htaccess", "r+");
$lignes = array(1, 1, 1);
$errr = 0;
@ -452,7 +449,7 @@ class m_hta {
} // Reading config file
fclose($file);
if ($errr || in_array(0, $lignes)) {
$err->raise("hta", _("An incompatible .htaccess file exists in this folder"));
$msg->raise('Error', "hta", _("An incompatible .htaccess file exists in this folder"));
return false;
}
return true;
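Review bot: In `DelDir()`, the failure message `$msg->raise('Error', "hta", ("The folder '%s' does not exist"), $dir);` can never show the folder name, because `$dir` was just overwritten by `$bro->convertabsolute($dir, $skip)` and is falsy inside that branch; the format string is also missing the `_()` call that the equivalent line in `add_user()` gained in this commit. Keeping the requested name before the reassignment (for example `$requested = $dir;` ahead of the `convertabsolute()` call) and raising `_("The folder '%s' does not exist"), $requested` would fix both. In the same function the unreadable-`.htaccess` branch raises an error but does not return, so `file($htaccess_file)` still runs; part of the body is outside the hunks, so confirm whether that is intended. `del_user()` also concatenates `$lst`, documented as an array, into its `$msg->log()` string.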