168 lines
5.5 KiB
PHP
168 lines
5.5 KiB
PHP
<?php
|
|
/* ----------------------------------------------------------------------
|
|
|
|
MyOOS [Dumper]
|
|
http://www.oos-shop.de/
|
|
|
|
Copyright (c) 2013 - 2022 by the MyOOS Development Team.
|
|
----------------------------------------------------------------------
|
|
Based on:
|
|
|
|
MySqlDumper
|
|
http://www.mysqldumper.de
|
|
|
|
Copyright (C)2004-2011 Daniel Schlichtholz (admin@mysqldumper.de)
|
|
----------------------------------------------------------------------
|
|
Released under the GNU General Public License
|
|
---------------------------------------------------------------------- */
|
|
|
|
if (!defined('MOD_VERSION')) {
|
|
exit('No direct access.');
|
|
}
|
|
include './language/'.$config['language'].'/lang_sql.php';
|
|
|
|
include './inc/home/apr1_md5/apr1_md5.php';
|
|
use WhiteHat101\Crypt\APR1_MD5;
|
|
|
|
$dba = $hta_dir = $Overwrite = $msg = '';
|
|
$error = [];
|
|
$is_htaccess = (file_exists('./.htaccess'));
|
|
if ($is_htaccess) {
|
|
$Overwrite = '<p class="error">'.$lang['L_HTACCESS8'].'</p>';
|
|
$htaccess_exist = file('.htaccess'); // read .htaccess
|
|
}
|
|
|
|
$step = (isset($_POST['step'])) ? intval($_POST['step']) : 0;
|
|
$type = 1; // default encryption type set to MD5(APR)
|
|
if ('WIN' == strtoupper(substr(MOD_OS, 0, 3))) {
|
|
$type = 2;
|
|
} // we are on a Win-System; pre-select encryption type
|
|
if (isset($_POST['type'])) {
|
|
$type = intval($_POST['type']);
|
|
}
|
|
$username = (isset($_POST['username'])) ? $_POST['username'] : '';
|
|
$userpass1 = (isset($_POST['userpass1'])) ? $_POST['userpass1'] : '';
|
|
$userpass2 = (isset($_POST['userpass2'])) ? $_POST['userpass2'] : '';
|
|
|
|
header('Pragma: no-cache');
|
|
header('Cache-Control: no-cache, must-revalidate');
|
|
header('Expires: -1');
|
|
header('Content-Type: text/html; charset=UTF-8');
|
|
$tpl = new MODTemplate();
|
|
$tpl->set_filenames([
|
|
'show' => './tpl/home/protection_create.tpl', ]);
|
|
$tpl->assign_vars([
|
|
'THEME' => $config['theme'],
|
|
'HEADLINE' => headline($lang['L_HTACC_CREATE']), ]);
|
|
|
|
if (isset($_POST['username'])) {
|
|
// Form submitted
|
|
if ('' == $username) {
|
|
$error[] = $lang['L_HTACC_NO_USERNAME'];
|
|
}
|
|
if (($userpass1 != $userpass2) || ('' == $userpass1)) {
|
|
$error[] = $lang['L_PASSWORDS_UNEQUAL'];
|
|
}
|
|
|
|
if (0 == sizeof($error)) {
|
|
$realm = 'MyOOS-Dumper';
|
|
$htaccess =
|
|
"<IfModule mod_rewrite.c>\n".
|
|
" RewriteEngine off\n".
|
|
"</IfModule>\n".
|
|
'AuthName "'.$realm."\"\n".
|
|
"AuthType Basic\n".
|
|
'AuthUserFile "'.$config['paths']['root'].".htpasswd\"\n".
|
|
'Require valid-user';
|
|
switch ($type) {
|
|
// CRYPT
|
|
case 0:
|
|
$userpass = crypt($userpass1, 'rl');
|
|
break;
|
|
// MD5(APR)
|
|
case 1:
|
|
$userpass = APR1_MD5::hash($userpass1);
|
|
break;
|
|
// PLAIN TEXT
|
|
case 2:
|
|
$userpass = $userpass1;
|
|
break;
|
|
// SHA1
|
|
case 3:
|
|
$userpass = '{SHA}'.base64_encode(sha1($userpass1, true));
|
|
break;
|
|
// BCRYPT
|
|
case 4:
|
|
$userpass = password_hash($userpass1, PASSWORD_BCRYPT);
|
|
break;
|
|
}
|
|
$htpasswd = $username.':'.$userpass;
|
|
@chmod($config['paths']['root'], 0777);
|
|
|
|
// save .htpasswd
|
|
if ($file_htpasswd = @fopen('.htpasswd', 'w')) {
|
|
$saved = fputs($file_htpasswd, $htpasswd);
|
|
fclose($file_htpasswd);
|
|
} else {
|
|
$saved = false;
|
|
}
|
|
|
|
// save .htaccess
|
|
if (false !== $saved) {
|
|
$file_htaccess = @fopen('.htaccess', 'w');
|
|
if ($file_htaccess) {
|
|
$saved = fputs($file_htaccess, $htaccess);
|
|
fclose($file_htaccess);
|
|
} else {
|
|
$saved = false;
|
|
}
|
|
}
|
|
|
|
if (false !== $saved) {
|
|
$msg = '<span class="success">'.$lang['L_HTACC_CREATED'].'</span>';
|
|
$tpl->assign_block_vars('CREATE_SUCCESS', [
|
|
'HTACCESS' => htmlspecialchars($htaccess),
|
|
'HTPASSWD' => htmlspecialchars($htpasswd),
|
|
]);
|
|
@chmod($config['paths']['root'], 0755);
|
|
} else {
|
|
$tpl->assign_block_vars('CREATE_ERROR', [
|
|
'HTACCESS' => htmlspecialchars($htaccess),
|
|
'HTPASSWD' => htmlspecialchars($htpasswd),
|
|
]);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (sizeof($error) > 0 || !isset($_POST['username'])) {
|
|
$tpl->assign_vars([
|
|
'PASSWORDS_UNEQUAL' => my_addslashes($lang['L_PASSWORDS_UNEQUAL']),
|
|
'HTACC_CONFIRM_CREATE' => my_addslashes($lang['L_HTACC_CONFIRM_CREATE']),
|
|
]);
|
|
|
|
$tpl->assign_block_vars('INPUT', [
|
|
'USERNAME' => htmlspecialchars($username),
|
|
'USERPASS1' => htmlspecialchars($userpass1),
|
|
'USERPASS2' => htmlspecialchars($userpass2),
|
|
'TYPE0_CHECKED' => 0 == $type ? ' checked="checked"' : '',
|
|
'TYPE1_CHECKED' => 1 == $type ? ' checked="checked"' : '',
|
|
'TYPE2_CHECKED' => 2 == $type ? ' checked="checked"' : '',
|
|
'TYPE3_CHECKED' => 3 == $type ? ' checked="checked"' : '',
|
|
'TYPE4_CHECKED' => 4 == $type ? ' checked="checked"' : '',
|
|
]);
|
|
}
|
|
|
|
if (sizeof($error) > 0) {
|
|
$msg = '<span class="error">'.implode('<br>', $error).'</span>';
|
|
}
|
|
if ($msg > '') {
|
|
$tpl->assign_block_vars('MSG', [
|
|
'TEXT' => $msg, ]);
|
|
}
|
|
|
|
$tpl->pparse('show');
|
|
|
|
echo MODFooter();
|
|
ob_end_flush();
|
|
exit();
|