Alternc  latest
Alternc logiel libre pour l'hébergement
m_hta Class Reference

This class handles restricted web access to folders through .htaccess/.htpasswd files. More...

Public Member Functions

 alternc_password_policy ()
 Password kind used in this class (hook for admin class) More...
 
 hook_menu ()
 hook called by menu class to add a menu to the left panel More...
 
 CreateDir ($dir)
 Create a protected folder (.htaccess and .htpasswd) More...
 
 ListDir ()
 Returns the list of all user folder currently protected by a .htpasswd file. More...
 
 is_protected ($dir)
 Tells if a folder is protected. More...
 
 get_hta_detail ($dir)
 Returns the list of login for a protected folder. More...
 
 DelDir ($dir, $skip=false)
 Unprotect a folder. More...
 
 add_user ($user, $password, $dir)
 Add a user to a protected folder. More...
 
 del_user ($lst, $dir)
 Delete a user from a protected folder. More...
 
 change_pass ($user, $newpass, $dir)
 Change the password of a user in a protected folder. More...
 

Private Member Functions

 _reading_htaccess ($absolute)
 Check that a .htaccess file is valid (for authentication) More...
 

Detailed Description

This class handles restricted web access to folders through .htaccess/.htpasswd files.

Definition at line 27 of file m_hta.php.

Member Function Documentation

◆ _reading_htaccess()

m_hta::_reading_htaccess (   $absolute)
private

Check that a .htaccess file is valid (for authentication)

Parameters
globalm_messages $msg
type$absolute
string$absoluteFolder we want to check (relative to user root)
Returns
boolean TRUE if the .htaccess is protecting this folder, or FALSE otherwise

Definition at line 408 of file m_hta.php.

408  {
     // Scans "$absolute/.htaccess" line by line. A line is tolerated when it is blank, starts
     // with one of four prefixes (RewriteCond, ErrorDocument, RewriteRule, RewriteEngine), or is
     // exactly one of the three auth lines compared below (case-insensitively, after trim()).
     // Any other line stops the scan with $errr set.
409  global $msg;
410  $msg->debug("hta", "_reading_htaccess", $absolute);
     // NOTE(review): the handle is only read from, yet "r+" also requires write permission,
     // so a readable but non-writable .htaccess is reported as failure here.
411  $file = fopen("$absolute/.htaccess", "r+");
     // One slot per expected auth line: 1 = not seen yet, 0 = seen.
412  $lignes = array(1, 1, 1);
413  $errr = 0;
414  if (!$file) {
415  return false;
416  }
417  while (!feof($file) && !$errr) {
418  $s = fgets($file, 1024);
     // Flag every line outside the tolerated prefixes; the three checks below clear the flag
     // again when the same line turns out to be an expected auth line.
419  if (substr($s, 0, 12) != "RewriteCond " && substr($s, 0, 14) != "ErrorDocument " && substr($s, 0, 12) != "RewriteRule " && substr($s, 0, 14) != "RewriteEngine " && trim($s) != "") {
420  $errr = 1;
421  }
     // NOTE(review): the path is compared unquoted, while CreateDir() writes
     // AuthUserFile "<path>/.htpasswd" with double quotes, and also writes an AuthName line
     // that no branch here accepts - a file produced by CreateDir() does not pass this scan.
422  if (strtolower(trim($s)) == strtolower("authuserfile $absolute/.htpasswd")) {
423  $lignes[0] = 0;
424  $errr = 0;
425  } // authuserfile
426  if (strtolower(trim($s)) == "require valid-user") {
427  $lignes[1] = 0;
428  $errr = 0;
429  } //require
430  if (strtolower(trim($s)) == "authtype basic") {
431  $lignes[2] = 0;
432  $errr = 0;
433  } //authtype
434  } // Reading config file
435  fclose($file);
     // NOTE(review): in_array(0, $lignes) is true as soon as ANY auth line was seen, so a file
     // that does contain the auth lines is rejected and only a file without them returns true.
     // That looks inverted relative to the documented contract (TRUE when the .htaccess protects
     // the folder); confirm whether in_array(1, $lignes) - "an auth line is missing" - was meant
     // before this check is relied on for access-control decisions.
436  if ($errr || in_array(0, $lignes)) {
437  $msg->raise("ERROR", "hta", _("An incompatible .htaccess file exists in this folder"));
438  return false;
439  }
440  return true;
441  }
$msg
Definition: bootstrap.php:75

References $msg.

◆ add_user()

m_hta::add_user (   $user,
  $password,
  $dir 
)

Add a user to a protected folder.

Parameters
globalm_messages $msg
globalm_bro $bro
globalm_admin $admin
string$user
string$password
string$dir
string$passwordThe password to add (cleartext)
string$dirThe folder we add it to (relative to user root).
Returns
boolean TRUE if the user has been added, or FALSE if an error occurred

Definition at line 259 of file m_hta.php.

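{
    // Appends "$user:<hash>" to the .htpasswd file of $dir (relative to the user root).
    // Returns true when the entry was written; otherwise an error is raised through $msg
    // (or by checkPolicy()) and false is returned.
    global $msg, $bro, $admin;
    $msg->log("hta", "add_user", $user . "/" . $dir);
    if (empty($user)) {
        $msg->raise("ERROR", 'hta', _("Please enter a user"));
        return false;
    }
    if (empty($password)) {
        $msg->raise("ERROR", 'hta', _("Please enter a password"));
        return false;
    }
    $absolute = $bro->convertabsolute($dir, 0);
    if (!file_exists($absolute)) {
        $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
        return false;
    }
    // @todo delete cf!. functions.php checkloginemail definition
    // The login is written verbatim before a ":" separator, so it is validated first;
    // presumably checkloginmail() rejects ":" and line breaks - confirm in functions.php.
    if (!checkloginmail($user)) {
        $msg->raise("ERROR", "hta", _("Please enter a valid username"));
        return false;
    }
    // Check this password against the password policy using common API :
    if (is_callable(array($admin, "checkPolicy")) && !$admin->checkPolicy("hta", $user, $password)) {
        return false; // The error has been raised by checkPolicy()
    }

    $file = @fopen("$absolute/.htpasswd", "a+");
    if (!$file) {
        // Message text kept unchanged so the existing translation still applies.
        $msg->raise("ERROR", "hta", _("File already exist"));
        return false;
    }
    fseek($file, 0);
    $last_line = "";
    while (($line = fgets($file, 1024)) !== false) {
        $fields = explode(":", $line);
        // Strict comparison: numeric-looking logins must not be treated as equal.
        if ($fields[0] === (string) $user) {
            fclose($file); // do not leak the handle on the early exit
            $msg->raise("ERROR", "hta", _("The user '%s' already exist for this folder"), $user);
            return false;
        }
        $last_line = $line;
    }
    // Offset 0 relative to SEEK_END; passing SEEK_END alone would be read as an offset.
    fseek($file, 0, SEEK_END);
    // Only terminate the previous entry when it really lacks its line break, so repeated
    // calls no longer accumulate blank lines.
    if ($last_line !== "" && substr($last_line, -1) !== "\n") {
        fwrite($file, "\n");
    }
    // NOTE(review): the helper name suggests MD5-crypt; confirm in functions.php that the
    // scheme is still acceptable for Basic-auth credentials.
    fwrite($file, "$user:" . _md5cr($password) . "\n");
    fclose($file);
    return true;
}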
checkloginmail($mail)
Check a login mail, cf http://www.bortzmeyer.org/arreter-d-interdire-des-adresses-legales....
Definition: functions.php:233
_md5cr($pass, $salt="")
Hash a password using proper crypto function.
Definition: functions.php:533
$user
Definition: bootstrap.php:84
$password
Definition: bootstrap.php:85
$bro
Definition: bootstrap.php:151
foreach($domaines_user as $domaine) $t

References $bro, $msg, $password, $t, $user, _md5cr(), and checkloginmail().

◆ alternc_password_policy()

m_hta::alternc_password_policy ( )

Password kind used in this class (hook for admin class)

Returns
array

Definition at line 34 of file m_hta.php.

{
    // Declares the password kind this class handles: key "hta" with its display label.
    $kinds = array();
    $kinds["hta"] = "Protected folders passwords";
    return $kinds;
}

◆ change_pass()

m_hta::change_pass (   $user,
  $newpass,
  $dir 
)

Change the password of a user in a protected folder.

Parameters
string$userThe users whose password should be changed
string$newpassThe new password of this user
string$dirThe folder, relative to user root, in which we will change a password
Returns
boolean TRUE if the password has been changed, or FALSE if an error occurred

Definition at line 361 of file m_hta.php.

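{
    // Rewrites the .htpasswd of $dir with a fresh hash for $user.
    // Every entry of another login is copied unchanged; the entry for $user is written last.
    // If $user had no entry, one is created (same as before this rewrite).
    // Returns true on success; otherwise an error is raised and false is returned.
    global $bro, $msg, $admin;
    $msg->log("hta", "change_pass", $user . "/" . $dir);
    $absolute = $bro->convertabsolute($dir, 0);
    if (!file_exists($absolute)) {
        $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
        return false;
    }
    // The login is written verbatim into the credentials file, so it gets the same
    // validation add_user() applies before writing.
    if (!checkloginmail($user)) {
        $msg->raise("ERROR", "hta", _("Please enter a valid username"));
        return false;
    }

    // Check this password against the password policy using common API :
    if (is_callable(array($admin, "checkPolicy")) && !$admin->checkPolicy("hta", $user, $newpass)) {
        return false; // The error has been raised by checkPolicy()
    }

    $current = "$absolute/.htpasswd";
    $pending = "$absolute/.htpasswd.new";
    $file = fopen($current, "r");
    // "w" truncates: entries left in a stale .htpasswd.new by an interrupted run must not
    // be merged back into the live credentials file.
    $newf = $file ? fopen($pending, "w") : false;
    if (!$file || !$newf) {
        if ($file) {
            fclose($file);
        }
        $msg->raise("ERROR", "hta", _("File already exist"));
        return false;
    }
    $last_kept = "";
    while (($line = fgets($file, 1024)) !== false) {
        $fields = explode(":", $line);
        if ($fields[0] !== (string) $user) {
            fwrite($newf, $line);
            $last_kept = $line;
        }
    }
    // Keep the new entry on its own line even if the last kept one had no line break.
    if ($last_kept !== "" && substr($last_kept, -1) !== "\n") {
        fwrite($newf, "\n");
    }
    fwrite($newf, "$user:" . _md5cr($newpass) . "\n");
    fclose($file);
    fclose($newf);
    // rename() replaces the target in one step; unlinking first left a window in which the
    // folder had no credentials file at all.
    if (!rename($pending, $current)) {
        @unlink($pending);
        $msg->raise("ERROR", "hta", _("Cannot replace the file '%s'"), $current);
        return false;
    }
    return true;
}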

References $bro, $msg, $t, $user, and _md5cr().

◆ CreateDir()

m_hta::CreateDir (   $dir)

Create a protected folder (.htaccess and .htpasswd)

Parameters
string$dirFolder to protect (relative to user root)
Returns
boolean TRUE if the folder has been protected, or FALSE if an error occurred
Parameters
globalm_mem $mem
globalm_bro $bro
globalm_messages $msg
string$dir
Returns
boolean

Definition at line 66 of file m_hta.php.

66  {
    // Protects $dir (relative to the user root): writes a Basic-auth .htaccess when none exists
    // and creates an empty .htpasswd when none exists. Returns false, after raising an error,
    // when the folder is missing or a file cannot be created; true otherwise.
67  global $bro, $msg;
68  $msg->log("hta", "createdir", $dir);
69  $absolute = $bro->convertabsolute($dir, 0);
70  if (!is_dir($absolute)) {
71  $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
72  return false;
73  }
    // NOTE(review): when an .htaccess already exists it is left untouched, so the auth
    // directives are present only if that file already contained them. The method still
    // creates .htpasswd and returns true, and is_protected() only tests for .htpasswd -
    // confirm the folder cannot be reported as protected without any auth directive.
74  if (!file_exists("$absolute/.htaccess")) {
75  $file = @fopen("$absolute/.htaccess", "w+");
76  if (!$file) {
77  $msg->raise("ERROR", "hta", _("Error creating .htaccess file: ") . error_get_last()['message']);
78  return false;
79  }
80  fseek($file, 0);
    // $absolute is interpolated inside a double-quoted directive value; this assumes the path
    // holds no double quote or line break - TODO confirm convertabsolute() guarantees that.
81  $param = "AuthUserFile \"$absolute/.htpasswd\"\nAuthName \"" . _("Restricted area") . "\"\nAuthType Basic\nrequire valid-user\n";
82  fwrite($file, $param);
83  fclose($file);
84  }
    // An empty .htpasswd lists no login; users are added separately through add_user().
85  if (!file_exists("$absolute/.htpasswd")) {
86  if (!@touch("$absolute/.htpasswd")) {
87  $msg->raise("ERROR", "hta", _("Error creating .htpasswd file: ") . error_get_last()['message']);
88  return false;
89  }
90  return true;
91  }
92  return true;
93  }

References $bro, and $msg.

◆ del_user()

m_hta::del_user (   $lst,
  $dir 
)

Delete a user from a protected folder.

Parameters
globalm_bro $bro
globalm_messages $msg
array$lstAn array with login to delete.
string$dirThe folder, relative to user root, where we want to delete users.
Returns
boolean TRUE if the users have been deleted, or FALSE if an error occurred.

Definition at line 321 of file m_hta.php.

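{
    // Removes every login listed in $lst from the .htpasswd of $dir (relative to user root).
    // Remaining entries are copied to a temporary file that then replaces the original.
    // Returns true on success; otherwise an error is raised and false is returned.
    global $bro, $msg;
    // Normalise to a list of strings so logging and the strict lookup below are well defined.
    $lst = array_map('strval', (array) $lst);
    $msg->log("hta", "del_user", implode(",", $lst) . "/" . $dir);
    $absolute = $bro->convertabsolute($dir, 0);
    if (!file_exists($absolute)) {
        $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
        return false;
    }
    $current = "$absolute/.htpasswd";
    $pending = "$absolute/.htpasswd.new";
    $file = fopen($current, "r");
    // "w" truncates: with append mode, entries left in a stale .htpasswd.new by an
    // interrupted run (possibly logins removed earlier) would be written back.
    $newf = $file ? fopen($pending, "w") : false;
    if (!$file || !$newf) {
        if ($file) {
            fclose($file);
        }
        $msg->raise("ERROR", "hta", _("File already exist"));
        return false;
    }
    while (($line = fgets($file, 1024)) !== false) {
        if (trim($line) === "") {
            continue; // blank lines are dropped, as before
        }
        $fields = explode(":", $line);
        if (!in_array($fields[0], $lst, true)) {
            fwrite($newf, $line);
        }
    }
    fclose($file);
    fclose($newf);
    // rename() replaces the target in one step; unlinking first left a window in which the
    // folder had no credentials file at all.
    if (!rename($pending, $current)) {
        @unlink($pending);
        $msg->raise("ERROR", "hta", _("Cannot replace the file '%s'"), $current);
        return false;
    }
    return true;
}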

References $bro, $msg, and $t.

◆ DelDir()

m_hta::DelDir (   $dir,
  $skip = false 
)

Unprotect a folder.

Parameters
globalm_mem $mem
globalm_bro $bro
globalm_messages $msg
string$dirFolder to unprotect, relative to user root
boolean$skipFor testing purpose mainly, skips the full user path search
Returns
boolean TRUE if the folder has been unprotected, or FALSE if an error occurred

Definition at line 194 of file m_hta.php.

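{
    // Unprotects $dir: strips the four auth directives from its .htaccess (deleting the file
    // when nothing else is left) and deletes its .htpasswd.
    // Returns true when both steps went through, false after raising an error otherwise.
    global $bro, $msg;
    $msg->log("hta", "deldir", $dir);
    $requested = $dir; // kept for the error message: $dir is overwritten just below
    $dir = $bro->convertabsolute($dir, $skip);
    if (!$dir) {
        $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $requested);
        return false;
    }
    $htaccess_file = "$dir/.htaccess";
    if (!is_readable($htaccess_file)) {
        $msg->raise("ERROR", "hta", _("I cannot read the file '%s'"), $htaccess_file);
        return false; // nothing can be stripped from a file that cannot be read
    }
    $fileLines = file($htaccess_file);
    if ($fileLines === false) {
        $msg->raise("ERROR", "hta", _("I cannot read the file '%s'"), $htaccess_file);
        return false;
    }
    // Anchored at the start of the line so that only the directives themselves are removed,
    // not unrelated lines or comments that merely mention one of these words.
    // Case-insensitive, as Apache directive names are.
    $patternList = array(
        '/^\s*AuthUserFile\b/i',
        '/^\s*AuthName\b/i',
        '/^\s*AuthType\s+Basic\b/i',
        '/^\s*require\s+valid-user\b/i',
    );
    $count_lines = 0;
    foreach ($fileLines as $key => $line) {
        foreach ($patternList as $pattern) {
            if (preg_match($pattern, $line)) {
                $count_lines++;
                unset($fileLines[$key]);
                break; // a removed line is counted once
            }
        }
    }
    // If no changes
    if (!$count_lines) {
        $msg->raise("ALERT", "hta", _("Unexpected: No changes made to '%s'"), $htaccess_file);
    }
    // file() keeps each line ending, so the lines are joined without a separator.
    $remaining = implode("", $fileLines);
    // If file is empty, remove it
    if (trim($remaining) === "") {
        if (!unlink($htaccess_file)) {
            $msg->raise("ERROR", "hta", _("I could not delete the file '%s'"), $htaccess_file);
        }
    } else {
        file_put_contents($htaccess_file, $remaining);
    }
    $htpasswd_file = "$dir/.htpasswd";
    if (!is_writable($htpasswd_file)) {
        // Message text kept unchanged so the existing translation still applies.
        $msg->raise("ERROR", "hta", _("I cannot read the file '%s'"), $htpasswd_file);
        return false; // the credentials file is still there: report the failure
    }
    if (!unlink($htpasswd_file)) {
        $msg->raise("ERROR", "hta", _("I cannot delete the file '%s/.htpasswd'"), $dir);
        return false;
    }

    return true;
}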
if(empty($_POST['key'])||empty($_POST['val'])) $key
Definition: tempovars.php:14

References $bro, $key, and $msg.

◆ get_hta_detail()

m_hta::get_hta_detail (   $dir)

Returns the list of login for a protected folder.

Parameters
globalm_mem $mem
globalm_messages $msg
string$dirThe folder to lookup (relative to user root)
Returns
array An array containing the list of logins from the .htpasswd file, or FALSE

Definition at line 154 of file m_hta.php.

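{
    // Returns the logins found in the .htpasswd of $dir (relative to the user root),
    // or false when the folder cannot be resolved or the file cannot be opened.
    global $bro, $msg;
    $msg->debug("hta", "get_hta_detail");
    // Resolve the folder through convertabsolute(), as CreateDir(), add_user() and DelDir()
    // do, instead of concatenating the caller-supplied $dir onto the user root unchecked.
    // Presumably convertabsolute() normalises the path and keeps it under that root -
    // confirm in m_bro.
    $absolute = $bro->convertabsolute($dir, 0);
    if (!$absolute) {
        return false;
    }
    // The .htaccess itself is not validated here (the _reading_htaccess() call was disabled).
    $file = @fopen("$absolute/.htpasswd", "r");
    if (!$file) {
        return false;
    }
    $res = array();
    // TODO: Test the validity of a .htpasswd
    while (($line = fgets($file, 1024)) !== false) {
        // Only "login:hash" lines count; lines without a separator are skipped.
        if (strpos($line, ":") === false) {
            continue;
        }
        $fields = explode(":", $line);
        $res[] = $fields[0];
    }
    fclose($file);
    return $res;
}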
$mem
Definition: bootstrap.php:71
const ALTERNC_HTML
Definition: bootstrap.php:10
$res
Definition: index.php:111
$i

References $i, $mem, $msg, $res, $t, and ALTERNC_HTML.

◆ hook_menu()

m_hta::hook_menu ( )

hook called by menu class to add a menu to the left panel

Returns
array

Definition at line 44 of file m_hta.php.

{
    // Menu entry for the left panel: translated title, target page and position.
    return array(
        'title' => _("Protected folders"),
        'link' => 'hta_list.php',
        'pos' => 50,
    );
}

◆ is_protected()

m_hta::is_protected (   $dir)

Tells if a folder is protected.

Parameters
globalm_mem $mem
globalm_messages $msg
string$dirFolder to check
Returns
boolean TRUE if the folder is protected, or FALSE if it is not

Definition at line 134 of file m_hta.php.

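{
    // Tells whether $dir (relative to the user root) contains a .htpasswd file.
    // Only the presence of that file is tested; the .htaccess content is not inspected.
    global $bro, $msg;
    $msg->debug("hta", "is_protected", $dir);
    // Resolve the folder through convertabsolute(), as CreateDir(), add_user() and DelDir()
    // do, instead of concatenating the caller-supplied $dir onto the user root unchecked.
    // Presumably convertabsolute() normalises the path and keeps it under that root -
    // confirm in m_bro.
    $absolute = $bro->convertabsolute($dir, 0);
    if (!$absolute) {
        return false;
    }
    return file_exists("$absolute/.htpasswd");
}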

References $mem, $msg, and ALTERNC_HTML.

◆ ListDir()

m_hta::ListDir ( )

Returns the list of all user folder currently protected by a .htpasswd file.

Parameters
globalm_messages $msg
globalm_mem $mem
Returns
array Array containing user folder list

Definition at line 103 of file m_hta.php.

{
    // Lists the folders of the current user that contain a .htpasswd file.
    // Each entry is the folder path relative to the user root, with a trailing "/".
    // Returns false (after raising an INFO message) when no such folder is found.
    global $msg, $mem;
    $msg->debug("hta", "listdir");
    $login = $mem->user["login"];
    $absolute = ALTERNC_HTML . "/" . substr($login, 0, 1) . "/" . $login;
    $sortie = array();
    // escapeshellarg() keeps the path a single literal argument of find.
    exec("find " . escapeshellarg($absolute) . " -name .htpasswd|sort", $sortie);
    if (count($sortie) === 0) {
        $msg->raise("INFO", "hta", _("No protected folder"));
        return false;
    }
    // Captures the part of the path between the user root and the .htpasswd file name.
    $pattern = "/^" . preg_quote(ALTERNC_HTML, "/") . "\/.\/[^\/]*\/(.*)\/\.htpasswd/";

    $r = array();
    foreach ($sortie as $i => $found) {
        $matches = array();
        preg_match($pattern, $found, $matches);
        if (isset($matches[1])) {
            $r[$i] = '/' . $matches[1] . "/";
        } else {
            // No sub-path captured: the file sits directly in the user root.
            $r[$i] = "/";
        }
    }
    return $r;
}
$r
Definition: aws_add.php:75

References $i, $mem, $msg, $r, and ALTERNC_HTML.


The documentation for this class was generated from the following file: