ftp_ansicht repariert und neues msd

2023-02-11 15:24:36 +01:00
parent f104df7f3b
commit 3dcc93a65d
681 changed files with 96753 additions and 24555 deletions
--- a/msd/inc/home/protection_create.php
+++ b/msd/inc/home/protection_create.php
@ -4,7 +4,7 @@
   MyOOS [Dumper]
   http://www.oos-shop.de/

-   Copyright (c) 2016 by the MyOOS Development Team.
+   Copyright (c) 2013 - 2022 by the MyOOS Development Team.
   ----------------------------------------------------------------------
   Based on:

@ -16,142 +16,152 @@
   Released under the GNU General Public License
   ---------------------------------------------------------------------- */

-if (!defined('MSD_VERSION')) die('No direct access.');
-include ('./language/'.$config['language'].'/lang_sql.php');
+if (!defined('MOD_VERSION')) {
+    exit('No direct access.');
+}
+include './language/'.$config['language'].'/lang_sql.php';

-$dba=$hta_dir=$Overwrite=$msg='';
-$error=array();
-$is_htaccess=(file_exists('./.htaccess'));
-if ($is_htaccess)
-{
-	$Overwrite='<p class="error">'.$lang['L_HTACCESS8'].'</p>';
-	$htaccess_exist=file('.htaccess'); // read .htaccess
+include './inc/home/apr1_md5/apr1_md5.php';
+use WhiteHat101\Crypt\APR1_MD5;
+
+$dba = $hta_dir = $Overwrite = $msg = '';
+$error = [];
+$is_htaccess = (file_exists('./.htaccess'));
+if ($is_htaccess) {
+    $Overwrite = '<p class="error">'.$lang['L_HTACCESS8'].'</p>';
+    $htaccess_exist = file('.htaccess'); // read .htaccess
 }

-$step=(isset($_POST['step'])) ? intval($_POST['step']) : 0;
-$type=0; // default encryption type set to crypt()
-if (strtoupper(substr(MSD_OS,0,3))=='WIN') $type=2; // we are on a Win-System; pre-select encryption type
-if (isset($_POST['type'])) $type=intval($_POST['type']);
-$username=(isset($_POST['username'])) ? $_POST['username'] : '';
-$userpass1=(isset($_POST['userpass1'])) ? $_POST['userpass1'] : '';
-$userpass2=(isset($_POST['userpass2'])) ? $_POST['userpass2'] : '';
+$step = (isset($_POST['step'])) ? intval($_POST['step']) : 0;
+$type = 1; // default encryption type set to MD5(APR)
+if ('WIN' == strtoupper(substr(MOD_OS, 0, 3))) {
+    $type = 2;
+} // we are on a Win-System; pre-select encryption type
+if (isset($_POST['type'])) {
+    $type = intval($_POST['type']);
+}
+$username = (isset($_POST['username'])) ? $_POST['username'] : '';
+$userpass1 = (isset($_POST['userpass1'])) ? $_POST['userpass1'] : '';
+$userpass2 = (isset($_POST['userpass2'])) ? $_POST['userpass2'] : '';

 header('Pragma: no-cache');
-header("Cache-Control: no-cache, must-revalidate");
-header("Expires: -1");
+header('Cache-Control: no-cache, must-revalidate');
+header('Expires: -1');
 header('Content-Type: text/html; charset=UTF-8');
-$tpl=new MSDTemplate();
-$tpl->set_filenames(array(
-	'show' => './tpl/home/protection_create.tpl'));
-$tpl->assign_vars(array(
-	'THEME' => $config['theme'],
-	'HEADLINE' => headline($lang['L_HTACC_CREATE'])));
+$tpl = new MODTemplate();
+$tpl->set_filenames([
+    'show' => './tpl/home/protection_create.tpl', ]);
+$tpl->assign_vars([
+    'THEME' => $config['theme'],
+    'HEADLINE' => headline($lang['L_HTACC_CREATE']), ]);

-if (isset($_POST['username']))
-{
-	// Form submitted
-	if ($username=='') $error[]=$lang['L_HTACC_NO_USERNAME'];
-	if (($userpass1!=$userpass2)||($userpass1=='')) $error[]=$lang['L_PASSWORDS_UNEQUAL'];
+if (isset($_POST['username'])) {
+    // Form submitted
+    if ('' == $username) {
+        $error[] = $lang['L_HTACC_NO_USERNAME'];
+    }
+    if (($userpass1 != $userpass2) || ('' == $userpass1)) {
+        $error[] = $lang['L_PASSWORDS_UNEQUAL'];
+    }

-	if (sizeof($error)==0)
-	{
-		$htaccess = "<IfModule mod_rewrite.c>\nRewriteEngine off\n</IfModule>\n";
-		$realm='MyOOS-Dumper';
-		$htaccess.="AuthName \"".$realm."\"\nAuthType Basic\nAuthUserFile \""
-		  .$config['paths']['root'].".htpasswd\"\nrequire valid-user";
-		switch ($type)
-		{
-			// Crypt
-			case 0:
-				$userpass=crypt($userpass1);
-				break;
-			// MD5
-			case 1:
-				$userpass=md5($username.':'.$realm.':'.$userpass1);
-				break;
-			// WIn - no encryption
-			case 2:
-				$userpass=$userpass1;
-				break;
-			// SHA
-			case 3:
-				$userpass='{SHA}'.base64_encode(sha1($userpass1,TRUE));
-				break;
-		}
-		$htpasswd=$username.':'.$userpass;
-		@chmod($config['paths']['root'],0777);
+    if (0 == sizeof($error)) {
+        $realm = 'MyOOS-Dumper';
+        $htaccess =
+            "<IfModule mod_rewrite.c>\n".
+            "  RewriteEngine off\n".
+            "</IfModule>\n".
+            'AuthName "'.$realm."\"\n".
+            "AuthType Basic\n".
+            'AuthUserFile "'.$config['paths']['root'].".htpasswd\"\n".
+            'Require valid-user';
+        switch ($type) {
+            // CRYPT
+            case 0:
+                $userpass = crypt($userpass1, 'rl');
+                break;
+            // MD5(APR)
+            case 1:
+                $userpass = APR1_MD5::hash($userpass1);
+                break;
+            // PLAIN TEXT
+            case 2:
+                $userpass = $userpass1;
+                break;
+            // SHA1
+            case 3:
+                $userpass = '{SHA}'.base64_encode(sha1($userpass1, true));
+                break;
+            // BCRYPT
+            case 4:
+                $userpass = password_hash($userpass1, PASSWORD_BCRYPT);
+                break;
+        }
+        $htpasswd = $username.':'.$userpass;
+        @chmod($config['paths']['root'], 0777);

-		// save .htpasswd
-		if ($file_htpasswd=@fopen('.htpasswd','w'))
-		{
-			$saved=fputs($file_htpasswd,$htpasswd);
-			fclose($file_htpasswd);
-		}
-		else
-			$saved=false;
+        // save .htpasswd
+        if ($file_htpasswd = @fopen('.htpasswd', 'w')) {
+            $saved = fputs($file_htpasswd, $htpasswd);
+            fclose($file_htpasswd);
+        } else {
+            $saved = false;
+        }

-		// save .htaccess
-		if (false!==$saved)
-		{
-			$file_htaccess=@fopen('.htaccess','w');
-			if ($file_htaccess)
-			{
-				$saved=fputs($file_htaccess,$htaccess);
-				fclose($file_htaccess);
-			}
-			else
-				$saved=false;
-		}
-
-		if (false!==$saved)
-		{
-		    if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
-                $output  = array(
-                    'HTACCESS' => nl2br(htmlspecialchars($htaccess), false),
-                    'HTPASSWD' => nl2br(htmlspecialchars($htpasswd), false)
-                );
+        // save .htaccess
+        if (false !== $saved) {
+            $file_htaccess = @fopen('.htaccess', 'w');
+            if ($file_htaccess) {
+                $saved = fputs($file_htaccess, $htaccess);
+                fclose($file_htaccess);
            } else {
-                $output  = array(
-                    'HTACCESS' => nl2br(htmlspecialchars($htaccess)),
-                    'HTPASSWD' => nl2br(htmlspecialchars($htpasswd))
-                );
-		    }
+                $saved = false;
+            }
+        }

-		    $msg='<span class="success">'.$lang['L_HTACC_CREATED'].'</span>';
-			$tpl->assign_block_vars('CREATE_SUCCESS', $output);
-			@chmod($config['paths']['root'],0755);
-		}
-		else
-		{
-			$tpl->assign_block_vars('CREATE_ERROR',array(
-				'HTACCESS' => htmlspecialchars($htaccess),
-				'HTPASSWD' => htmlspecialchars($htpasswd)));
-		}
-	}
+        if (false !== $saved) {
+            $msg = '<span class="success">'.$lang['L_HTACC_CREATED'].'</span>';
+            $tpl->assign_block_vars('CREATE_SUCCESS', [
+                'HTACCESS' => htmlspecialchars($htaccess),
+                'HTPASSWD' => htmlspecialchars($htpasswd),
+            ]);
+            @chmod($config['paths']['root'], 0755);
+        } else {
+            $tpl->assign_block_vars('CREATE_ERROR', [
+                'HTACCESS' => htmlspecialchars($htaccess),
+                'HTPASSWD' => htmlspecialchars($htpasswd),
+            ]);
+        }
+    }
 }

-if (sizeof($error)>0||!isset($_POST['username']))
-{
-	$tpl->assign_vars(array(
-		'PASSWORDS_UNEQUAL' => my_addslashes($lang['L_PASSWORDS_UNEQUAL']),
-		'HTACC_CONFIRM_DELETE' => my_addslashes($lang['L_HTACC_CONFIRM_DELETE'])));
+if (sizeof($error) > 0 || !isset($_POST['username'])) {
+    $tpl->assign_vars([
+        'PASSWORDS_UNEQUAL' => my_addslashes($lang['L_PASSWORDS_UNEQUAL']),
+        'HTACC_CONFIRM_CREATE' => my_addslashes($lang['L_HTACC_CONFIRM_CREATE']),
+    ]);

-	$tpl->assign_block_vars('INPUT',array(
-		'USERNAME' => htmlspecialchars($username),
-		'USERPASS1' => htmlspecialchars($userpass1),
-		'USERPASS2' => htmlspecialchars($userpass2),
-		'TYPE0_CHECKED' => $type==0 ? ' checked="checked"' : '',
-		'TYPE1_CHECKED' => $type==1 ? ' checked="checked"' : '',
-		'TYPE2_CHECKED' => $type==2 ? ' checked="checked"' : '',
-		'TYPE3_CHECKED' => $type==3 ? ' checked="checked"' : ''));
+    $tpl->assign_block_vars('INPUT', [
+        'USERNAME' => htmlspecialchars($username),
+        'USERPASS1' => htmlspecialchars($userpass1),
+        'USERPASS2' => htmlspecialchars($userpass2),
+        'TYPE0_CHECKED' => 0 == $type ? ' checked="checked"' : '',
+        'TYPE1_CHECKED' => 1 == $type ? ' checked="checked"' : '',
+        'TYPE2_CHECKED' => 2 == $type ? ' checked="checked"' : '',
+        'TYPE3_CHECKED' => 3 == $type ? ' checked="checked"' : '',
+        'TYPE4_CHECKED' => 4 == $type ? ' checked="checked"' : '',
+    ]);
 }

-if (sizeof($error)>0) $msg='<span class="error">'.implode('<br>',$error).'</span>';
-if ($msg>'') $tpl->assign_block_vars('MSG',array(
-	'TEXT' => $msg));
+if (sizeof($error) > 0) {
+    $msg = '<span class="error">'.implode('<br>', $error).'</span>';
+}
+if ($msg > '') {
+    $tpl->assign_block_vars('MSG', [
+    'TEXT' => $msg, ]);
+}

 $tpl->pparse('show');

-echo MSDFooter();
+echo MODFooter();
 ob_end_flush();
-die();
+exit();