Blame | Letzte Ă„nderung | Log anzeigen | RSS feed
<?php/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: *//*** File::Passwd::Authdigest** PHP versions 4 and 5** LICENSE: This source file is subject to version 3.0 of the PHP license* that is available through the world-wide-web at the following URI:* http://www.php.net/license/3_0.txt. If you did not receive a copy of* the PHP License and are unable to obtain it through the web, please* send a note to license@php.net so we can mail you a copy immediately.** @category FileFormats* @package File_Passwd* @author Michael Wallner <mike@php.net>* @copyright 2003-2005 Michael Wallner* @license http://www.php.net/license/3_0.txt PHP License 3.0* @version CVS: $Id: Authdigest.php,v 1.13 2005/09/27 06:26:08 mike Exp $* @link http://pear.php.net/package/File_Passwd*//*** Requires File::Passwd::Common*/require_once 'File/Passwd/Common.php';/*** Manipulate AuthDigestFiles as used for HTTP Digest Authentication.** <kbd><u>* Usage Example:* </u></kbd>* <code>* $htd = &File_Passwd::factory('Authdigest');* $htd->setFile('/www/mike/auth/.htdigest');* $htd->load();* $htd->addUser('mike', 'myRealm', 'secret');* $htd->save();* </code>** <kbd><u>* Output of listUser()* </u></kbd>* <pre>* array* + user => array* + realm => crypted_passwd* + realm => crypted_passwd* + user => array* + realm => crypted_passwd* </pre>** @author Michael Wallner <mike@php.net>* @package File_Passwd* @version $Revision: 1.13 $* @access public*/class File_Passwd_Authdigest extends File_Passwd_Common{/*** Path to AuthDigestFile** @var string* @access private*/var $_file = '.htdigest';/*** Constructor** @access public* @param string $file path to AuthDigestFile*/function File_Passwd_Authdigest($file = '.htdigest'){parent::__construct($file);}/*** Fast authentication of a certain user** Returns a PEAR_Error if:* o file doesn't exist* o file couldn't be opened in read mode* o file couldn't be locked exclusively* o file couldn't be unlocked (only if auth fails)* o file couldn't be closed (only if auth fails)** @static call this method statically for a reasonable fast authentication** @throws PEAR_Error* @access public* @return mixed true if authenticated, false if not or PEAR_Error* @param string $file path to passwd file* @param string $user user to authenticate* @param string $pass plaintext password* @param string $realm the realm the user is in*/function staticAuth($file, $user, $pass, $realm){$line = File_Passwd_Common::_auth($file, $user.':'.$realm);if (!$line || PEAR::isError($line)) {return $line;}@list(,,$real)= explode(':', $line);return (md5("$user:$realm:$pass") === $real);}/*** Apply changes and rewrite AuthDigestFile** Returns a PEAR_Error if:* o directory in which the file should reside couldn't be created* o file couldn't be opened in write mode* o file couldn't be locked exclusively* o file couldn't be unlocked* o file couldn't be closed** @throws PEAR_Error* @access public* @return mixed true on success or a PEAR_Error*/function save(){$content = '';if (count($this->_users)) {foreach ($this->_users as $user => $realm) {foreach ($realm as $r => $pass){$content .= "$user:$r:$pass\n";}}}return $this->_save($content);}/*** Add an user** Returns a PEAR_Error if:* o the user already exists in the supplied realm* o the user or realm contain illegal characters** $user and $realm must start with an alphabetical charachter and must NOT* contain any other characters than alphanumerics, the underline and dash.** @throws PEAR_Error* @access public* @return mixed true on success or a PEAR_Error* @param string $user the user to add* @param string $realm the realm the user should be in* @param string $pass the plaintext password*/function addUser($user, $realm, $pass){if ($this->userInRealm($user, $realm)) {return PEAR::raiseError("User '$user' already exists in realm '$realm'.", 0);}if (!preg_match($this->_pcre, $user)) {return PEAR::raiseError(sprintf(FILE_PASSWD_E_INVALID_CHARS_STR, 'User ', $user),FILE_PASSWD_E_INVALID_CHARS);}if (!preg_match($this->_pcre, $realm)) {return PEAR::raiseError(sprintf(FILE_PASSWD_E_INVALID_CHARS_STR, 'Realm ', $realm),FILE_PASSWD_E_INVALID_CHARS);}$this->_users[$user][$realm] = md5("$user:$realm:$pass");return true;}/*** List all user of (a | all) realm(s)** Returns:* o associative array of users of ONE realm if $inRealm was supplied* <pre>* realm1* + user1 => pass* + user2 => pass* + user3 => pass* </pre>* o associative array of all realms with all users* <pre>* array* + realm1 => array* + user1 => pass* + user2 => pass* + user3 => pass* + realm2 => array* + user3 => pass* + realm3 => array* + user1 => pass* + user2 => pass* </pre>** @access public* @return array* @param string $inRealm the realm to list users of;* if omitted, you'll get all realms*/function listUserInRealm($inRealm = ''){$result = array();foreach ($this->_users as $user => $realms){foreach ($realms as $realm => $pass){if (!empty($inRealm) && ($inRealm !== $realm)) {continue;}if (!isset($result[$realm])) {$result[$realm] = array();}$result[$realm][$user] = $pass;}}return $result;}/*** Change the password of a certain user** Returns a PEAR_Error if:* o user doesn't exist in the supplied realm* o user or realm contains illegal characters** This method in fact adds the user whith the new password* after deleting the user.** @throws PEAR_Error* @access public* @return mixed true on success or a PEAR_Error* @param string $user the user whose password should be changed* @param string $realm the realm the user is in* @param string $pass the new plaintext password*/function changePasswd($user, $realm, $pass){if (PEAR::isError($error = $this->delUserInRealm($user, $realm))) {return $error;} else {return $this->addUser($user, $realm, $pass);}}/*** Verifiy password** Returns a PEAR_Error if the user doesn't exist in the supplied realm.** @throws PEAR_Error* @access public* @return mixed true if passwords equal, false if they don't, or PEAR_Error* @param string $user the user whose password should be verified* @param string $realm the realm the user is in* @param string $pass the plaintext password to verify*/function verifyPasswd($user, $realm, $pass){if (!$this->userInRealm($user, $realm)) {return PEAR::raiseError(sprintf(FILE_PASSWD_E_USER_NOT_IN_REALM_STR, $user, $realm),FILE_PASSWD_E_USER_NOT_IN_REALM);}return ($this->_users[$user][$realm] === md5("$user:$realm:$pass"));}/*** Ckeck if a certain user is in a specific realm** @throws PEAR_Error* @access public* @return boolean* @param string $user the user to check* @param string $realm the realm the user shuold be in*/function userInRealm($user, $realm){return (isset($this->_users[$user][$realm]));}/*** Delete a certain user in a specific realm** Returns a PEAR_Error if <var>$user</var> doesn't exist <var>$inRealm</var>.** @throws PEAR_Error* @access public* @return mixed true on success or PEAR_Error* @param string $user the user to remove* @param string $inRealm the realm the user should be in*/function delUserInRealm($user, $inRealm){if (!$this->userInRealm($user, $inRealm)) {return PEAR::raiseError(sprintf(FILE_PASSWD_E_USER_NOT_IN_REALM_STR, $user, $inRealm),FILE_PASSWD_E_USER_NOT_IN_REALM);}unset($this->_users[$user][$inRealm]);return true;}/*** Parse the AuthDigestFile** Returns a PEAR_Error if AuthDigestFile has invalid format.** @throws PEAR_Error* @access public* @return mixed true on success or PEAR_Error*/function parse(){$this->_users = array();foreach ($this->_contents as $line) {$user = explode(':', $line);if (count($user) != 3) {return PEAR::raiseError(FILE_PASSWD_E_INVALID_FORMAT_STR,FILE_PASSWD_E_INVALID_FORMAT);}list($user, $realm, $pass) = $user;$this->_users[$user][$realm] = trim($pass);}$this->_contents = array();return true;}/*** Generate Password** @static* @access public* @return string The crypted password.* @param string $user The username.* @param string $realm The realm the user is in.* @param string $pass The plaintext password.*/function generatePasswd($user, $realm, $pass){return md5("$user:$realm:$pass");}/*** @ignore* @deprecated*/function generatePassword($user, $realm, $pass){return File_Passwd_Authdigest::generatePasswd($user, $realm, $pass);}}?>