kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

adding crypt_apr1_md5 method into awstats

This commit is contained in:
Benjamin Sonntag 2014-04-04 11:53:46 +02:00
parent a80e22b012
commit a074328fae
1 changed files with 38 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
awstats/bureau/class/m_aws.php
View File

@ -478,7 +478,7 @@ class m_aws {
$err->raise("aws",_("Login already exist")); $err->raise("aws",_("Login already exist"));
return false; return false;
} }
$pass=_md5cr($pass); $pass=$this->crypt_apr1_md5($pass);
// FIXME retourner une erreur l'insert se passe pas bien // FIXME retourner une erreur l'insert se passe pas bien
$db->query("INSERT INTO aws_users (uid,login,pass) VALUES ('$cuid','$login','$pass');"); $db->query("INSERT INTO aws_users (uid,login,pass) VALUES ('$cuid','$login','$pass');");
return $this->_createhtpasswd(); return $this->_createhtpasswd();
@ -498,7 +498,7 @@ class m_aws {
$err->raise("aws",_("Login does not exists")); // Login does not exists $err->raise("aws",_("Login does not exists")); // Login does not exists
return false; return false;
} }
$pass=_md5c($pass); $pass=$this->crypt_apr1_md5($pass);
$db->query("UPDATE aws_users SET pass='$pass' WHERE login='$login';"); $db->query("UPDATE aws_users SET pass='$pass' WHERE login='$login';");
return $this->_createhtpasswd(); return $this->_createhtpasswd();
} }
@ -794,6 +794,42 @@ class m_aws {
return $str; return $str;
} }
/* ----------------------------------------------------------------- */
/**
* from http://php.net/crypt#73619
*/
function crypt_apr1_md5($plainpasswd) {
$salt = substr(str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789"), 0, 8);
$len = strlen($plainpasswd);
$text = $plainpasswd.'$apr1$'.$salt;
$bin = pack("H32", md5($plainpasswd.$salt.$plainpasswd));
for($i = $len; $i > 0; $i -= 16) { $text .= substr($bin, 0, min(16, $i)); }
for($i = $len; $i > 0; $i >>= 1) { $text .= ($i & 1) ? chr(0) : $plainpasswd{0}; }
$bin = pack("H32", md5($text));
for($i = 0; $i < 1000; $i++) {
$new = ($i & 1) ? $plainpasswd : $bin;
if ($i % 3) $new .= $salt;
if ($i % 7) $new .= $plainpasswd;
$new .= ($i & 1) ? $bin : $plainpasswd;
$bin = pack("H32", md5($new));
}
for ($i = 0; $i < 5; $i++) {
$k = $i + 6;
$j = $i + 12;
if ($j == 16) $j = 5;
$tmp = $bin[$i].$bin[$k].$bin[$j].$tmp;
}
$tmp = chr(0).chr(0).$bin[11].$tmp;
$tmp = strtr(strrev(substr(base64_encode($tmp), 2)),
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
return "$"."apr1"."$".$salt."$".$tmp;
}
} /* CLASSE m_aws */ } /* CLASSE m_aws */
?> ?>