Alternc  latest
Alternc logiel libre pour l'h├ębergement
 All Classes Namespaces Files Functions Variables Pages
m_hta Class Reference

This class handle folder web restricted access through .htaccess/.htpassword files. More...

Public Member Functions

 alternc_password_policy ()
 Password kind used in this class (hook for admin class) More...
 
 hook_menu ()
 hook called by menu class to add a menu to the left panel More...
 
 CreateDir ($dir)
 Create a protected folder (.htaccess et .htpasswd) More...
 
 ListDir ()
 Returns the list of all user folder currently protected by a .htpasswd file. More...
 
 is_protected ($dir)
 Tells if a folder is protected. More...
 
 get_hta_detail ($dir)
 Returns the list of login for a protected folder. More...
 
 DelDir ($dir, $skip=false)
 Unprotect a folder. More...
 
 add_user ($user, $password, $dir)
 Add a user to a protected folder. More...
 
 del_user ($lst, $dir)
 Delete a user from a protected folder. More...
 
 change_pass ($user, $newpass, $dir)
 Change the password of a user in a protected folder. More...
 

Private Member Functions

 _reading_htaccess ($absolute)
 Check that a .htaccess file is valid (for authentication) More...
 

Detailed Description

This class handle folder web restricted access through .htaccess/.htpassword files.

Definition at line 27 of file m_hta.php.

Member Function Documentation

m_hta::_reading_htaccess (   $absolute)
private

Check that a .htaccess file is valid (for authentication)

Parameters
globalm_messages $msg
type$absolute
string$absoluteFolder we want to check (relative to user root)
Returns
boolean TRUE is the .htaccess is protecting this folder, or FALSE else

Definition at line 413 of file m_hta.php.

References $msg.

413  {
414  global $msg;
415  $msg->log("hta", "_reading_htaccess", $absolute);
416  $file = fopen("$absolute/.htaccess", "r+");
417  $lignes = array(1, 1, 1);
418  $errr = 0;
419  if (!$file) {
420  return false;
421  }
422  while (!feof($file) && !$errr) {
423  $s = fgets($file, 1024);
424  if (substr($s, 0, 12) != "RewriteCond " && substr($s, 0, 14) != "ErrorDocument " && substr($s, 0, 12) != "RewriteRule " && substr($s, 0, 14) != "RewriteEngine " && trim($s) != "") {
425  $errr = 1;
426  }
427  if (strtolower(trim($s)) == strtolower("authuserfile $absolute/.htpasswd")) {
428  $lignes[0] = 0;
429  $errr = 0;
430  } // authuserfile
431  if (strtolower(trim($s)) == "require valid-user") {
432  $lignes[1] = 0;
433  $errr = 0;
434  } //require
435  if (strtolower(trim($s)) == "authtype basic") {
436  $lignes[2] = 0;
437  $errr = 0;
438  } //authtype
439  } // Reading config file
440  fclose($file);
441  if ($errr || in_array(0, $lignes)) {
442  $msg->raise("ERROR", "hta", _("An incompatible .htaccess file exists in this folder"));
443  return false;
444  }
445  return true;
446  }
$msg
Definition: config.php:155
m_hta::add_user (   $user,
  $password,
  $dir 
)

Add a user to a protected folder.

Parameters
globalm_messages $msg
globalm_bro $bro
globalm_admin $admin
string$user
string$password
string$dir
string$passwordThe password to add (cleartext)
string$dirThe folder we add it to (relative to user root).
Returns
boolean TRUE if the user has been added, or FALSE if an error occurred

Definition at line 264 of file m_hta.php.

References $bro, $msg, $password, $t, $user, _md5cr(), and checkloginmail().

264  {
265  global $msg, $bro, $admin;
266  $msg->log("hta", "add_user", $user . "/" . $dir);
267  if (empty($user)) {
268  $msg->raise("ERROR", 'hta', _("Please enter a user"));
269  return false;
270  }
271  if (empty($password)) {
272  $msg->raise("ERROR", 'hta', _("Please enter a password"));
273  return false;
274  }
275  $absolute = $bro->convertabsolute($dir, 0);
276  if (!file_exists($absolute)) {
277  $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
278  return false;
279  }
280  // @todo delete cf!. functions.php checkloginemail definition
281  if (checkloginmail($user)) {
282  // Check this password against the password policy using common API :
283  if (is_callable(array($admin, "checkPolicy"))) {
284  if (!$admin->checkPolicy("hta", $user, $password)) {
285  return false; // The error has been raised by checkPolicy()
286  }
287  }
288 
289  $file = @fopen("$absolute/.htpasswd", "a+");
290  if (!$file) {
291  $msg->raise("ERROR", "hta", _("File already exist"));
292  return false;
293  }
294  fseek($file, 0);
295  while (!feof($file)) {
296  $s = fgets($file, 1024);
297  $t = explode(":", $s);
298  if ($t[0] == $user) {
299  $msg->raise("ERROR", "hta", _("The user '%s' already exist for this folder"), $user);
300  return false;
301  }
302  }
303  fseek($file, SEEK_END);
304  if (empty($t[1]) || substr($t[1], -1) != "\n") {
305  fwrite($file, "\n");
306  }
307  fwrite($file, "$user:" . _md5cr($password) . "\n");
308  fclose($file);
309  return true;
310  } else {
311  $msg->raise("ERROR", "hta", _("Please enter a valid username"));
312  return false;
313  }
314  }
$user
Definition: bootstrap.php:84
$bro
Definition: bootstrap.php:151
checkloginmail($mail)
Check a login mail, cf http://www.bortzmeyer.org/arreter-d-interdire-des-adresses-legales.html.
Definition: functions.php:233
_md5cr($pass, $salt="")
Hashe a password using proper crypto function.
Definition: functions.php:533
$msg
Definition: config.php:155
foreach($domaines_user as $domaine) $t
$password
Definition: bootstrap.php:85
m_hta::alternc_password_policy ( )

Password kind used in this class (hook for admin class)

Returns
array

Definition at line 34 of file m_hta.php.

34  {
35  return array("hta" => "Protected folders passwords");
36  }
m_hta::change_pass (   $user,
  $newpass,
  $dir 
)

Change the password of a user in a protected folder.

Parameters
string$userThe users whose password should be changed
string$newpassThe new password of this user
string$dirThe folder, relative to user root, in which we will change a password
Returns
boolean TRUE if the password has been changed, or FALSE if an error occurred

Definition at line 366 of file m_hta.php.

References $bro, $msg, $t, $user, and _md5cr().

366  {
367  global $bro, $msg, $admin;
368  $msg->log("hta", "change_pass", $user . "/" . $dir);
369  $absolute = $bro->convertabsolute($dir, 0);
370  if (!file_exists($absolute)) {
371  $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
372  return false;
373  }
374 
375  // Check this password against the password policy using common API :
376  if (is_callable(array($admin, "checkPolicy"))) {
377  if (!$admin->checkPolicy("hta", $user, $newpass)) {
378  return false; // The error has been raised by checkPolicy()
379  }
380  }
381 
382  touch("$absolute/.htpasswd.new");
383  $file = fopen("$absolute/.htpasswd", "r");
384  $newf = fopen("$absolute/.htpasswd.new", "a");
385  if (!$file || !$newf) {
386  $msg->raise("ERROR", "hta", _("File already exist"));
387  return false;
388  }
389  while (!feof($file)) {
390  $s = fgets($file, 1024);
391  $t = explode(":", $s);
392  if ($t[0] != $user) {
393  fwrite($newf, "$s");
394  }
395  }
396  fwrite($newf, "$user:" . _md5cr($newpass) . "\n");
397  fclose($file);
398  fclose($newf);
399  unlink("$absolute/.htpasswd");
400  rename("$absolute/.htpasswd.new", "$absolute/.htpasswd");
401  return true;
402  }
$user
Definition: bootstrap.php:84
$bro
Definition: bootstrap.php:151
_md5cr($pass, $salt="")
Hashe a password using proper crypto function.
Definition: functions.php:533
$msg
Definition: config.php:155
foreach($domaines_user as $domaine) $t
m_hta::CreateDir (   $dir)

Create a protected folder (.htaccess et .htpasswd)

Parameters
string$dirFolder to protect (relative to user root)
Returns
boolean TRUE if the folder has been protected, or FALSE if an error occurred
Parameters
globalm_mem $mem
globalm_bro $bro
globalm_messages $msg
string$dir
Returns
boolean

Definition at line 67 of file m_hta.php.

References $bro, and $msg.

67  {
68  global $bro, $msg;
69  $msg->log("hta", "createdir", $dir);
70  $absolute = $bro->convertabsolute($dir, 0);
71  if (!is_dir($absolute)) {
72  $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
73  return false;
74  }
75  if (!file_exists("$absolute/.htaccess")) {
76  if (!@touch("$absolute/.htaccess")) {
77  $msg->raise("ERROR", "hta", _("File already exist"));
78  return false;
79  }
80  $file = @fopen("$absolute/.htaccess", "r+");
81  if (!$file) {
82  $msg->raise("ERROR", "hta", _("File already exist"));
83  return false;
84  }
85  fseek($file, 0);
86  $param = "AuthUserFile \"$absolute/.htpasswd\"\nAuthName \"" . _("Restricted area") . "\"\nAuthType Basic\nrequire valid-user\n";
87  fwrite($file, $param);
88  fclose($file);
89  }
90  if (!file_exists("$absolute/.htpasswd")) {
91  if (!touch("$absolute/.htpasswd")) {
92  $msg->raise("ERROR", "hta", _("File already exist"));
93  return false;
94  }
95  return true;
96  }
97  return true;
98  }
$bro
Definition: bootstrap.php:151
$msg
Definition: config.php:155
m_hta::del_user (   $lst,
  $dir 
)

Delete a user from a protected folder.

Parameters
globalm_bro $bro
globalm_messages $msg
array$lstAn array with login to delete.
string$dirThe folder, relative to user root, where we want to delete users.
Returns
boolean TRUE if users has been deleted, or FALSE if an error occurred.

Definition at line 326 of file m_hta.php.

References $bro, $msg, and $t.

326  {
327  global $bro, $msg;
328  $msg->log("hta", "del_user", $lst . "/" . $dir);
329  $absolute = $bro->convertabsolute($dir, 0);
330  if (!file_exists($absolute)) {
331  $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
332  return false;
333  }
334  touch("$absolute/.htpasswd.new");
335  $file = fopen("$absolute/.htpasswd", "r");
336  $newf = fopen("$absolute/.htpasswd.new", "a");
337  if (!$file || !$newf) {
338  $msg->raise("ERROR", "hta", _("File already exist"));
339  return false;
340  }
341  reset($lst);
342  fseek($file, 0);
343  while (!feof($file)) {
344  $s = fgets($file, 1024);
345  $t = explode(":", $s);
346  if (!in_array($t[0], $lst) && ($t[0] != "\n")) {
347  fseek($newf, 0);
348  fwrite($newf, "$s");
349  }
350  }
351  fclose($file);
352  fclose($newf);
353  unlink("$absolute/.htpasswd");
354  rename("$absolute/.htpasswd.new", "$absolute/.htpasswd");
355  return true;
356  }
$bro
Definition: bootstrap.php:151
$msg
Definition: config.php:155
foreach($domaines_user as $domaine) $t
m_hta::DelDir (   $dir,
  $skip = false 
)

Unprotect a folder.

Parameters
globalm_mem $mem
globalm_bro $bro
globalm_messages $msg
string$dirFolder to unprotect, relative to user root
boolean$skipFor testing purpose mainly, skips the full user path search
Returns
boolean TRUE if the folder has been unprotected, or FALSE if an error occurred

Definition at line 199 of file m_hta.php.

References $bro, $key, and $msg.

199  {
200  global $bro, $msg;
201  $msg->log("hta", "deldir", $dir);
202  $dir = $bro->convertabsolute($dir, $skip);
203  if (!$dir) {
204  $msg->raise("ERROR", "hta", ("The folder '%s' does not exist"), $dir);
205  return false;
206  }
207  $htaccess_file = "$dir/.htaccess";
208  if (!is_readable($htaccess_file)) {
209  $msg->raise("ERROR", "hta", _("I cannot read the file '%s'"), $htaccess_file);
210  }
211  $fileLines = file($htaccess_file);
212  $patternList = array(
213  "AuthUserFile.*$",
214  "AuthName.*$",
215  "AuthType Basic.*$",
216  "require valid-user.*$"
217  );
218  $count_lines = 0;
219  foreach ($fileLines as $key => $line) {
220  foreach ($patternList as $pattern) {
221  if (preg_match("/" . $pattern . "/", $line)) {
222  $count_lines++;
223  unset($fileLines[$key]);
224  }
225  }
226  }
227  // If no changes
228  if (!$count_lines) {
229  $msg->raise("ALERT", "hta", _("Unexpected: No changes made to '%s'"), $htaccess_file);
230  }
231  // If file is empty, remove it
232  if (!count($fileLines)) {
233  if (!unlink($htaccess_file)) {
234  $msg->raise("ERROR", "hta", _("I could not delete the file '%s'"), $htaccess_file);
235  }
236  } else {
237  file_put_contents($htaccess_file, implode("\n", $fileLines));
238  }
239  $htpasswd_file = "$dir/.htpasswd";
240  if (!is_writable($htpasswd_file)) {
241  $msg->raise("ERROR", "hta", _("I cannot read the file '%s'"), $htpasswd_file);
242  } else if (!unlink($htpasswd_file)) {
243  $msg->raise("ERROR", "hta", _("I cannot delete the file '%s/.htpasswd'"), $dir);
244  return false;
245  }
246 
247  return true;
248  }
$bro
Definition: bootstrap.php:151
$msg
Definition: config.php:155
if(empty($_POST['key'])||empty($_POST['val'])) $key
Definition: tempovars.php:14
m_hta::get_hta_detail (   $dir)

Returns the list of login for a protected folder.

Parameters
globalm_mem $mem
globalm_messages $msg
string$dirThe folder to lookup (relative to user root)
Returns
array An array containing the list of logins from the .htpasswd file, or FALSE

Definition at line 159 of file m_hta.php.

References $i, $mem, $msg, $res, $t, and ALTERNC_HTML.

159  {
160  global $mem, $msg;
161  $msg->log("hta", "get_hta_detail");
162  $absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"] . "/$dir";
163  if (file_exists("$absolute/.htaccess")) {
164  /* if (!_reading_htaccess($absolute)) {
165  return false;
166  }
167  */
168  }
169  $file = @fopen("$absolute/.htpasswd", "r");
170  $i = 0;
171  $res = array();
172  if (!$file) {
173  return false;
174  }
175  // TODO: Test the validity of a .htpasswd
176  while (!feof($file)) {
177  $s = fgets($file, 1024);
178  $t = explode(":", $s);
179  if ($t[0] != $s) {
180  $res[$i] = $t[0];
181  $i = $i + 1;
182  }
183  }
184  fclose($file);
185  return $res;
186  }
$i
const ALTERNC_HTML
Definition: bootstrap.php:10
$res
Definition: index.php:125
$msg
Definition: config.php:155
foreach($domaines_user as $domaine) $t
$mem
Definition: bootstrap.php:71
m_hta::hook_menu ( )

hook called by menu class to add a menu to the left panel

Returns
array

Definition at line 44 of file m_hta.php.

44  {
45  $obj = array(
46  'title' => _("Protected folders"),
47  'ico' => 'images/password.png',
48  'link' => 'hta_list.php',
49  'pos' => 50,
50  );
51 
52  return $obj;
53  }
m_hta::is_protected (   $dir)

Tells if a folder is protected.

Parameters
globalm_mem $mem
globalm_messages $msg
string$dirFolder to check
Returns
boolean If the folder is protected, or FALSE if it is not

Definition at line 139 of file m_hta.php.

References $mem, $msg, and ALTERNC_HTML.

139  {
140  global $mem, $msg;
141  $msg->log("hta", "is_protected", $dir);
142  $absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"] . "/$dir";
143  if (file_exists("$absolute/.htpasswd")) {
144  return true;
145  } else {
146  return false;
147  }
148  }
const ALTERNC_HTML
Definition: bootstrap.php:10
$msg
Definition: config.php:155
$mem
Definition: bootstrap.php:71
m_hta::ListDir ( )

Returns the list of all user folder currently protected by a .htpasswd file.

Parameters
globalm_messages $msg
globalm_mem $mem
Returns
array Array containing user folder list

Definition at line 108 of file m_hta.php.

References $i, $mem, $msg, $r, and ALTERNC_HTML.

108  {
109  global$msg, $mem;
110  $msg->log("hta", "listdir");
111  $sortie = array();
112  $absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"];
113  exec("find " . escapeshellarg($absolute) . " -name .htpasswd|sort", $sortie);
114  if (!count($sortie)) {
115  $msg->raise("INFO", "hta", _("No protected folder"));
116  return false;
117  }
118  $pattern = "/^" . preg_quote(ALTERNC_HTML, "/") . "\/.\/[^\/]*\/(.*)\/\.htpasswd/";
119 
120  $r = array();
121  for ($i = 0; $i < count($sortie); $i++) {
122  $matches = array();
123  preg_match($pattern, $sortie[$i], $matches);
124  $tmpm = isset($matches[1]) ? '/' . $matches[1] : '';
125  $r[$i] = $tmpm . "/";
126  }
127  return $r;
128  }
$r
Definition: aws_add.php:75
$i
const ALTERNC_HTML
Definition: bootstrap.php:10
$msg
Definition: config.php:155
$mem
Definition: bootstrap.php:71

The documentation for this class was generated from the following file: