Alternc  latest
Alternc logiciel libre pour l'hébergement
m_hta Class Reference

This class handles restricted web access to folders through .htaccess/.htpasswd files. More...

Public Member Functions

 alternc_password_policy ()
 Password kind used in this class (hook for admin class) More...
 
 hook_menu ()
 hook called by menu class to add a menu to the left panel More...
 
 CreateDir ($dir)
 Create a protected folder (.htaccess and .htpasswd) More...
 
 ListDir ()
 Returns the list of all user folder currently protected by a .htpasswd file. More...
 
 is_protected ($dir)
 Tells if a folder is protected. More...
 
 get_hta_detail ($dir)
 Returns the list of login for a protected folder. More...
 
 DelDir ($dir, $skip=false)
 Unprotect a folder. More...
 
 add_user ($user, $password, $dir)
 Add a user to a protected folder. More...
 
 del_user ($lst, $dir)
 Delete a user from a protected folder. More...
 
 change_pass ($user, $newpass, $dir)
 Change the password of a user in a protected folder. More...
 

Private Member Functions

 _reading_htaccess ($absolute)
 Check that a .htaccess file is valid (for authentication) More...
 

Detailed Description

This class handles restricted web access to folders through .htaccess/.htpasswd files.

Definition at line 27 of file m_hta.php.

Member Function Documentation

m_hta::_reading_htaccess (   $absolute)
private

Check that a .htaccess file is valid (for authentication)

Parameters
globalm_messages $msg
type$absolute
string$absoluteFolder we want to check (relative to user root)
Returns
boolean TRUE if the .htaccess is protecting this folder, or FALSE otherwise

Definition at line 409 of file m_hta.php.

References $msg.

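/**
 * Check that the .htaccess file of a folder is an authentication file this
 * class can manage.
 *
 * A line is accepted when it is blank, starts with RewriteCond, RewriteRule,
 * RewriteEngine or ErrorDocument, is an AuthName line, or is one of the three
 * directives that make up the protection: AuthUserFile pointing at this
 * folder's .htpasswd, "AuthType Basic" and "require valid-user". Any other
 * line makes the file incompatible.
 *
 * Fixes over the previous version: the result was inverted (the file was
 * rejected as soon as one protection directive was present), the quoted
 * AuthUserFile path and the AuthName line written by CreateDir() were
 * rejected, and the file was opened read-write although it is only read.
 *
 * @global m_messages $msg
 * @param string $absolute Path of the folder to check, used as given to build
 *        the .htaccess and .htpasswd file names
 * @return boolean TRUE if the three protection directives are present and no
 *         unexpected line was found, FALSE otherwise. An error is raised in
 *         the FALSE case, except when the file cannot be opened.
 */
private function _reading_htaccess($absolute)
{
    global $msg;
    $msg->log("hta", "_reading_htaccess", $absolute);

    // Validation only reads the file, so it must not require write access.
    $file = fopen("$absolute/.htaccess", "r");
    if (!$file) {
        return false;
    }

    // CreateDir() writes the path between double quotes; accept both forms.
    // NOTE(review): the path is compared case-insensitively, as before; on a
    // case-sensitive filesystem a path differing only by case also passes.
    $userfile_forms = array(
        strtolower("authuserfile $absolute/.htpasswd"),
        strtolower("authuserfile \"$absolute/.htpasswd\""),
    );
    // These prefixes are matched case-sensitively on the raw line, as before.
    $harmless_prefixes = array("RewriteCond ", "ErrorDocument ", "RewriteRule ", "RewriteEngine ");
    $found = array("authuserfile" => false, "require" => false, "authtype" => false);
    $incompatible = false;

    while (!$incompatible && ($s = fgets($file, 1024)) !== false) {
        $line = strtolower(trim($s));
        if ($line === "") {
            continue;
        }
        if (in_array($line, $userfile_forms, true)) {
            $found["authuserfile"] = true;
        } elseif ($line === "require valid-user") {
            $found["require"] = true;
        } elseif ($line === "authtype basic") {
            $found["authtype"] = true;
        } elseif (substr($line, 0, 9) === "authname ") {
            // Written by CreateDir(); it only sets the realm label.
            continue;
        } else {
            $incompatible = true;
            foreach ($harmless_prefixes as $prefix) {
                if (substr($s, 0, strlen($prefix)) === $prefix) {
                    $incompatible = false;
                    break;
                }
            }
        }
    }
    fclose($file);

    // The folder is protected only when all three directives were seen.
    if ($incompatible || in_array(false, $found, true)) {
        $msg->raise("ERROR", "hta", _("An incompatible .htaccess file exists in this folder"));
        return false;
    }
    return true;
}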
$msg
Definition: config.php:155
m_hta::add_user (   $user,
  $password,
  $dir 
)

Add a user to a protected folder.

Parameters
globalm_messages $msg
globalm_bro $bro
globalm_admin $admin
string$user
string$password
string$dir
string$passwordThe password to add (cleartext)
string$dirThe folder we add it to (relative to user root).
Returns
boolean TRUE if the user has been added, or FALSE if an error occurred

Definition at line 260 of file m_hta.php.

References $bro, $msg, $password, $t, $user, _md5cr(), and checkloginmail().

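/**
 * Add a user to a protected folder.
 *
 * The login must pass checkloginmail() and, when the admin object provides
 * checkPolicy(), the password must pass the "hta" password policy. The entry
 * is appended to the folder's .htpasswd as "login:hash", the hash coming from
 * _md5cr() (defined in functions.php; the scheme is not visible here).
 *
 * Fixes over the previous version: the file handle is closed when the login
 * already exists, logins are compared as strings (a loose comparison treats
 * numeric-looking logins such as "1e3" and "1000" as equal), the seek to the
 * end of file uses the correct arguments, and no blank line is inserted
 * before the new entry when the file already ends with a newline.
 *
 * @global m_messages $msg
 * @global m_bro $bro
 * @global m_admin $admin
 * @param string $user Login to add
 * @param string $password The password to add (cleartext)
 * @param string $dir The folder we add it to (relative to user root)
 * @return boolean TRUE if the user has been added, or FALSE if an error occurred
 */
function add_user($user, $password, $dir)
{
    global $msg, $bro, $admin;
    $msg->log("hta", "add_user", $user . "/" . $dir);
    if (empty($user)) {
        $msg->raise("ERROR", 'hta', _("Please enter a user"));
        return false;
    }
    if (empty($password)) {
        $msg->raise("ERROR", 'hta', _("Please enter a password"));
        return false;
    }
    $absolute = $bro->convertabsolute($dir, 0);
    if (!file_exists($absolute)) {
        $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
        return false;
    }
    // @todo delete cf!. functions.php checkloginemail definition
    if (!checkloginmail($user)) {
        $msg->raise("ERROR", "hta", _("Please enter a valid username"));
        return false;
    }
    // Check this password against the password policy using the common API.
    if (is_callable(array($admin, "checkPolicy")) && !$admin->checkPolicy("hta", $user, $password)) {
        return false; // The error has been raised by checkPolicy()
    }

    $file = @fopen("$absolute/.htpasswd", "a+");
    if (!$file) {
        // The message text is kept as is: it is the translation key.
        $msg->raise("ERROR", "hta", _("File already exist"));
        return false;
    }

    // Scan the existing entries for a duplicate login.
    fseek($file, 0);
    $last_line = "";
    while (($s = fgets($file, 1024)) !== false) {
        $t = explode(":", $s);
        if ($t[0] === (string) $user) {
            fclose($file);
            $msg->raise("ERROR", "hta", _("The user '%s' already exist for this folder"), $user);
            return false;
        }
        $last_line = $s;
    }

    // Append mode always writes at the end; the seek only keeps that explicit.
    fseek($file, 0, SEEK_END);
    if ($last_line !== "" && substr($last_line, -1) != "\n") {
        // The last entry has no line terminator: do not glue the new one to it.
        fwrite($file, "\n");
    }
    fwrite($file, "$user:" . _md5cr($password) . "\n");
    fclose($file);
    return true;
}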
$user
Definition: bootstrap.php:84
$bro
Definition: bootstrap.php:151
checkloginmail($mail)
Check a login mail, cf http://www.bortzmeyer.org/arreter-d-interdire-des-adresses-legales.html.
Definition: functions.php:233
_md5cr($pass, $salt="")
Hash a password using a proper crypto function.
Definition: functions.php:533
$msg
Definition: config.php:155
foreach($domaines_user as $domaine) $t
$password
Definition: bootstrap.php:85
m_hta::alternc_password_policy ( )

Password kind used in this class (hook for admin class)

Returns
array

Definition at line 34 of file m_hta.php.

/**
 * Password kind used in this class (hook for the admin class).
 *
 * @return array Map of password-kind identifier to its label; this class
 *         declares the single kind "hta".
 */
function alternc_password_policy()
{
    $kinds = array();
    $kinds["hta"] = "Protected folders passwords";
    return $kinds;
}
m_hta::change_pass (   $user,
  $newpass,
  $dir 
)

Change the password of a user in a protected folder.

Parameters
string$userThe users whose password should be changed
string$newpassThe new password of this user
string$dirThe folder, relative to user root, in which we will change a password
Returns
boolean TRUE if the password has been changed, or FALSE if an error occurred

Definition at line 362 of file m_hta.php.

References $bro, $msg, $t, $user, and _md5cr().

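/**
 * Change the password of a user in a protected folder.
 *
 * The .htpasswd file is rewritten into .htpasswd.new without the user's old
 * entry, the new "login:hash" entry is appended, and the new file is renamed
 * over the old one.
 *
 * Fixes over the previous version:
 * - a login that is empty or contains ':', CR or LF is refused, because it is
 *   written verbatim as the first field of a line and could otherwise add or
 *   corrupt entries;
 * - .htpasswd.new is truncated instead of opened in append mode, so entries
 *   left by an earlier interrupted run are not merged back in;
 * - the old file is no longer unlinked before the rename (rename() replaces
 *   the destination), so there is no moment without a .htpasswd and a failed
 *   rename leaves the old file in place;
 * - write and rename failures are reported instead of ignored;
 * - logins are compared as strings, and a last entry without line terminator
 *   is terminated before the new entry is appended.
 *
 * NOTE(review): a login that is not yet in the file is added, as before;
 * confirm whether callers rely on that.
 *
 * @global m_bro $bro
 * @global m_messages $msg
 * @global m_admin $admin
 * @param string $user The user whose password should be changed
 * @param string $newpass The new password of this user
 * @param string $dir The folder, relative to user root, in which we will change a password
 * @return boolean TRUE if the password has been changed, or FALSE if an error occurred
 */
function change_pass($user, $newpass, $dir)
{
    global $bro, $msg, $admin;
    $msg->log("hta", "change_pass", $user . "/" . $dir);
    $absolute = $bro->convertabsolute($dir, 0);
    if (!file_exists($absolute)) {
        $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
        return false;
    }

    $login = (string) $user;
    if ($login === "" || strpbrk($login, ":\r\n") !== false) {
        $msg->raise("ERROR", "hta", _("Please enter a valid username"));
        return false;
    }

    // Check this password against the password policy using the common API.
    if (is_callable(array($admin, "checkPolicy")) && !$admin->checkPolicy("hta", $user, $newpass)) {
        return false; // The error has been raised by checkPolicy()
    }

    $current = "$absolute/.htpasswd";
    $pending = "$absolute/.htpasswd.new";
    $file = fopen($current, "r");
    $newf = $file ? fopen($pending, "w") : false;
    if (!$file || !$newf) {
        if ($file) {
            fclose($file);
        }
        // The message text is kept as is: it is the translation key.
        $msg->raise("ERROR", "hta", _("File already exist"));
        return false;
    }

    // Copy every entry except the one being replaced.
    $ok = true;
    while (($s = fgets($file)) !== false) {
        $t = explode(":", $s);
        if ($t[0] === $login) {
            continue;
        }
        if (substr($s, -1) !== "\n") {
            $s .= "\n";
        }
        $ok = (fwrite($newf, $s) !== false) && $ok;
    }
    $ok = (fwrite($newf, "$login:" . _md5cr($newpass) . "\n") !== false) && $ok;
    fclose($file);
    $ok = fclose($newf) && $ok;

    if (!$ok || !rename($pending, $current)) {
        @unlink($pending);
        $msg->raise("ERROR", "hta", _("I could not write the file '%s'"), $current);
        return false;
    }
    return true;
}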
$user
Definition: bootstrap.php:84
$bro
Definition: bootstrap.php:151
_md5cr($pass, $salt="")
Hash a password using a proper crypto function.
Definition: functions.php:533
$msg
Definition: config.php:155
foreach($domaines_user as $domaine) $t
m_hta::CreateDir (   $dir)

Create a protected folder (.htaccess and .htpasswd)

Parameters
string$dirFolder to protect (relative to user root)
Returns
boolean TRUE if the folder has been protected, or FALSE if an error occurred
Parameters
globalm_mem $mem
globalm_bro $bro
globalm_messages $msg
string$dir
Returns
boolean

Definition at line 67 of file m_hta.php.

References $bro, and $msg.

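/**
 * Create a protected folder (.htaccess and .htpasswd).
 *
 * Writes the Basic-authentication directives (AuthUserFile, AuthName,
 * AuthType Basic, require valid-user) into the folder's .htaccess and creates
 * an empty .htpasswd next to it when none exists.
 *
 * Fix over the previous version: when a .htaccess already existed, nothing
 * was written to it, yet .htpasswd was created and TRUE returned. Since
 * is_protected() only looks for .htpasswd, the folder was then reported as
 * protected while the web server was not asked for any authentication. The
 * directives are now appended to an existing .htaccess unless it already
 * has an AuthUserFile line.
 *
 * NOTE(review): the folder path is written between double quotes without
 * escaping; a path containing a double quote or a line break would produce a
 * broken .htaccess. Confirm whether convertabsolute() can return such paths.
 * NOTE(review): .htpasswd is stored inside the served folder, so it relies on
 * the web server refusing to serve .ht* files; confirm the server setup.
 *
 * @global m_bro $bro
 * @global m_messages $msg
 * @param string $dir Folder to protect (relative to user root)
 * @return boolean TRUE if the folder has been protected, or FALSE if an error occurred
 */
function CreateDir($dir)
{
    global $bro, $msg;
    $msg->log("hta", "createdir", $dir);
    $absolute = $bro->convertabsolute($dir, 0);
    if (!is_dir($absolute)) {
        $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
        return false;
    }

    $htaccess = "$absolute/.htaccess";
    $param = "AuthUserFile \"$absolute/.htpasswd\"\nAuthName \"" . _("Restricted area") . "\"\nAuthType Basic\nrequire valid-user\n";

    $existing = "";
    if (file_exists($htaccess)) {
        $existing = @file_get_contents($htaccess);
        if ($existing === false) {
            $msg->raise("ERROR", "hta", _("Error creating .htaccess file: ") . error_get_last()['message']);
            return false;
        }
    }

    // Add the directives unless the file already declares a password file.
    if (!preg_match('/^\s*AuthUserFile\b/mi', $existing)) {
        if ($existing !== "" && substr($existing, -1) !== "\n") {
            // Do not glue the first directive to an unterminated last line.
            $param = "\n" . $param;
        }
        if (@file_put_contents($htaccess, $param, FILE_APPEND) === false) {
            $msg->raise("ERROR", "hta", _("Error creating .htaccess file: ") . error_get_last()['message']);
            return false;
        }
    }

    // An empty .htpasswd lets nobody in until a user is added.
    if (!file_exists("$absolute/.htpasswd") && !@touch("$absolute/.htpasswd")) {
        $msg->raise("ERROR", "hta", _("Error creating .htpasswd file: ") . error_get_last()['message']);
        return false;
    }
    return true;
}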
$bro
Definition: bootstrap.php:151
$msg
Definition: config.php:155
m_hta::del_user (   $lst,
  $dir 
)

Delete a user from a protected folder.

Parameters
globalm_bro $bro
globalm_messages $msg
array$lstAn array with login to delete.
string$dirThe folder, relative to user root, where we want to delete users.
Returns
boolean TRUE if users has been deleted, or FALSE if an error occurred.

Definition at line 322 of file m_hta.php.

References $bro, $msg, and $t.

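/**
 * Delete users from a protected folder.
 *
 * The .htpasswd file is copied into .htpasswd.new without the entries whose
 * login is in $lst (blank lines are dropped too), then the new file is
 * renamed over the old one.
 *
 * Fixes over the previous version:
 * - .htpasswd.new is truncated instead of opened in append mode, so entries
 *   left by an earlier interrupted run, possibly users deleted since, are not
 *   merged back in;
 * - the old file is no longer unlinked before the rename (rename() replaces
 *   the destination), so there is no moment without a .htpasswd and a failed
 *   rename leaves the old file in place;
 * - write and rename failures are reported instead of ignored;
 * - logins are compared as strings (a loose in_array() treats numeric-looking
 *   logins such as "1e3" and "1000" as equal and would delete both);
 * - the log line lists the logins instead of concatenating the array itself.
 *
 * TRUE is returned even when none of the logins was present, as before.
 *
 * @global m_bro $bro
 * @global m_messages $msg
 * @param array $lst An array with the logins to delete
 * @param string $dir The folder, relative to user root, where we want to delete users
 * @return boolean TRUE if the file has been rewritten, or FALSE if an error occurred
 */
function del_user($lst, $dir)
{
    global $bro, $msg;
    $logins = array_map('strval', (array) $lst);
    $msg->log("hta", "del_user", implode(",", $logins) . "/" . $dir);
    $absolute = $bro->convertabsolute($dir, 0);
    if (!file_exists($absolute)) {
        $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
        return false;
    }

    $current = "$absolute/.htpasswd";
    $pending = "$absolute/.htpasswd.new";
    $file = fopen($current, "r");
    $newf = $file ? fopen($pending, "w") : false;
    if (!$file || !$newf) {
        if ($file) {
            fclose($file);
        }
        // The message text is kept as is: it is the translation key.
        $msg->raise("ERROR", "hta", _("File already exist"));
        return false;
    }

    // Copy every entry that is neither blank nor listed for deletion.
    $ok = true;
    while (($s = fgets($file)) !== false) {
        $t = explode(":", $s);
        if (trim($s) === "" || in_array($t[0], $logins, true)) {
            continue;
        }
        $ok = (fwrite($newf, $s) !== false) && $ok;
    }
    fclose($file);
    $ok = fclose($newf) && $ok;

    if (!$ok || !rename($pending, $current)) {
        @unlink($pending);
        $msg->raise("ERROR", "hta", _("I could not write the file '%s'"), $current);
        return false;
    }
    return true;
}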
$bro
Definition: bootstrap.php:151
$msg
Definition: config.php:155
foreach($domaines_user as $domaine) $t
m_hta::DelDir (   $dir,
  $skip = false 
)

Unprotect a folder.

Parameters
globalm_mem $mem
globalm_bro $bro
globalm_messages $msg
string$dirFolder to unprotect, relative to user root
boolean$skipFor testing purpose mainly, skips the full user path search
Returns
boolean TRUE if the folder has been unprotected, or FALSE if an error occurred

Definition at line 195 of file m_hta.php.

References $bro, $key, and $msg.

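/**
 * Unprotect a folder.
 *
 * Removes the authentication directives (AuthUserFile, AuthName,
 * AuthType Basic, require valid-user) from the folder's .htaccess, deletes
 * the .htaccess when nothing else is left in it, then deletes .htpasswd.
 *
 * Fixes over the previous version:
 * - the "does not exist" message is translated and shows the requested
 *   folder (the variable had already been overwritten by the failed lookup);
 * - an unreadable .htaccess no longer falls through to file()/count() on a
 *   non-array; the .htaccess step is skipped and .htpasswd is still handled;
 * - directives are matched at the start of a line and case-insensitively, so
 *   "Require valid-user" is removed and unrelated lines that merely contain
 *   one of the words are kept;
 * - the remaining lines are written back without an extra newline after each
 *   one (file() already keeps the line terminators);
 * - FALSE is returned when .htpasswd cannot be removed because it is not
 *   writable, as the error raised in that case already says it failed.
 *
 * NOTE(review): the directives are removed before .htpasswd is deleted. If
 * the second step fails, the folder is no longer protected while
 * is_protected() still finds a .htpasswd and reports it as protected.
 *
 * @global m_bro $bro
 * @global m_messages $msg
 * @param string $dir Folder to unprotect, relative to user root
 * @param boolean $skip For testing purpose mainly, skips the full user path search
 * @return boolean TRUE if the folder has been unprotected, or FALSE if an error occurred
 */
function DelDir($dir, $skip = false)
{
    global $bro, $msg;
    $msg->log("hta", "deldir", $dir);
    $absolute = $bro->convertabsolute($dir, $skip);
    if (!$absolute) {
        $msg->raise("ERROR", "hta", _("The folder '%s' does not exist"), $dir);
        return false;
    }

    $htaccess_file = "$absolute/.htaccess";
    $fileLines = is_readable($htaccess_file) ? file($htaccess_file) : false;
    if ($fileLines === false) {
        $msg->raise("ERROR", "hta", _("I cannot read the file '%s'"), $htaccess_file);
    } else {
        $pattern = '/^\s*(?:AuthUserFile\b|AuthName\b|AuthType\s+Basic\b|require\s+valid-user\b)/i';
        $kept = array();
        $count_lines = 0;
        foreach ($fileLines as $line) {
            if (preg_match($pattern, $line)) {
                $count_lines++;
            } else {
                $kept[] = $line;
            }
        }
        // If no changes
        if (!$count_lines) {
            $msg->raise("ALERT", "hta", _("Unexpected: No changes made to '%s'"), $htaccess_file);
        }
        if (!count($kept)) {
            // If file is empty, remove it
            if (!unlink($htaccess_file)) {
                $msg->raise("ERROR", "hta", _("I could not delete the file '%s'"), $htaccess_file);
            }
        } elseif ($count_lines) {
            file_put_contents($htaccess_file, implode("", $kept));
        }
    }

    $htpasswd_file = "$absolute/.htpasswd";
    if (!is_writable($htpasswd_file)) {
        // The message text is kept as is: it is the translation key.
        $msg->raise("ERROR", "hta", _("I cannot read the file '%s'"), $htpasswd_file);
        return false;
    }
    if (!unlink($htpasswd_file)) {
        $msg->raise("ERROR", "hta", _("I cannot delete the file '%s/.htpasswd'"), $absolute);
        return false;
    }

    return true;
}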
$bro
Definition: bootstrap.php:151
$msg
Definition: config.php:155
if(empty($_POST['key'])||empty($_POST['val'])) $key
Definition: tempovars.php:14
m_hta::get_hta_detail (   $dir)

Returns the list of login for a protected folder.

Parameters
globalm_mem $mem
globalm_messages $msg
string$dirThe folder to lookup (relative to user root)
Returns
array An array containing the list of logins from the .htpasswd file, or FALSE

Definition at line 155 of file m_hta.php.

References $i, $mem, $msg, $res, $t, and ALTERNC_HTML.

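/**
 * Returns the list of logins for a protected folder.
 *
 * Reads the folder's .htpasswd and returns the first field of every line
 * that contains a ':' separator.
 *
 * Fix over the previous version: $dir is appended as given to the account's
 * root path, whereas the methods that modify files go through
 * $bro->convertabsolute(). A $dir containing ".." segments could therefore
 * name a folder outside the account and list the logins of its .htpasswd.
 * Such values, and values containing a NUL byte, are now refused.
 *
 * NOTE(review): consider building the path with $bro->convertabsolute() here
 * as well, so that all methods resolve folders the same way.
 *
 * @global m_mem $mem
 * @global m_messages $msg
 * @param string $dir The folder to lookup (relative to user root)
 * @return array|boolean The list of logins from the .htpasswd file, or FALSE
 *         when $dir is refused or the file cannot be opened
 */
function get_hta_detail($dir)
{
    global $mem, $msg;
    $msg->log("hta", "get_hta_detail");

    $dir = (string) $dir;
    if (strpos($dir, "\0") !== false || preg_match('#(^|/)\.\.(/|$)#', $dir)) {
        return false;
    }
    $login = $mem->user["login"];
    $absolute = ALTERNC_HTML . "/" . substr($login, 0, 1) . "/" . $login . "/$dir";

    // The .htaccess of the folder is not validated here.
    $file = @fopen("$absolute/.htpasswd", "r");
    if (!$file) {
        return false;
    }
    // TODO: Test the validity of a .htpasswd
    $res = array();
    while (($s = fgets($file, 1024)) !== false) {
        $t = explode(":", $s);
        // Without a ':' the first field is the whole line: not an entry.
        if ($t[0] !== $s) {
            $res[] = $t[0];
        }
    }
    fclose($file);
    return $res;
}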
$i
const ALTERNC_HTML
Definition: bootstrap.php:10
$res
Definition: index.php:125
$msg
Definition: config.php:155
foreach($domaines_user as $domaine) $t
$mem
Definition: bootstrap.php:71
m_hta::hook_menu ( )

hook called by menu class to add a menu to the left panel

Returns
array

Definition at line 44 of file m_hta.php.

/**
 * Hook called by the menu class to add an entry to the left panel.
 *
 * @return array Menu entry with its translated title, icon path, target
 *         page and position.
 */
function hook_menu()
{
    return array(
        'title' => _("Protected folders"),
        'ico' => 'images/password.png',
        'link' => 'hta_list.php',
        'pos' => 50,
    );
}
m_hta::is_protected (   $dir)

Tells if a folder is protected.

Parameters
globalm_mem $mem
globalm_messages $msg
string$dirFolder to check
Returns
boolean TRUE if the folder is protected, or FALSE if it is not

Definition at line 135 of file m_hta.php.

References $mem, $msg, and ALTERNC_HTML.

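/**
 * Tells if a folder is protected.
 *
 * A folder counts as protected when it contains a .htpasswd file; the
 * .htaccess of the folder is not examined.
 *
 * Fix over the previous version: $dir is appended as given to the account's
 * root path, whereas the methods that modify files go through
 * $bro->convertabsolute(). A $dir containing ".." segments could therefore
 * be used to test for .htpasswd files outside the account. Such values, and
 * values containing a NUL byte, are now reported as not protected.
 *
 * @global m_mem $mem
 * @global m_messages $msg
 * @param string $dir Folder to check
 * @return boolean TRUE if the folder is protected, or FALSE if it is not
 */
function is_protected($dir)
{
    global $mem, $msg;
    $msg->log("hta", "is_protected", $dir);

    $dir = (string) $dir;
    if (strpos($dir, "\0") !== false || preg_match('#(^|/)\.\.(/|$)#', $dir)) {
        return false;
    }
    $login = $mem->user["login"];
    $absolute = ALTERNC_HTML . "/" . substr($login, 0, 1) . "/" . $login . "/$dir";
    return file_exists("$absolute/.htpasswd");
}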
const ALTERNC_HTML
Definition: bootstrap.php:10
$msg
Definition: config.php:155
$mem
Definition: bootstrap.php:71
m_hta::ListDir ( )

Returns the list of all user folder currently protected by a .htpasswd file.

Parameters
globalm_messages $msg
globalm_mem $mem
Returns
array Array containing user folder list

Definition at line 104 of file m_hta.php.

References $i, $mem, $msg, $r, and ALTERNC_HTML.

/**
 * Returns the list of all user folders currently protected by a .htpasswd file.
 *
 * Runs find(1) under the account's root folder and turns each .htpasswd path
 * found into the folder path relative to that root, with a leading and a
 * trailing slash. A path the pattern does not match yields "/".
 *
 * @global m_messages $msg
 * @global m_mem $mem
 * @return array|boolean The folder list, or FALSE (with an INFO message)
 *         when no .htpasswd file was found
 */
function ListDir()
{
    global $msg, $mem;
    $msg->log("hta", "listdir");

    $login = $mem->user["login"];
    $absolute = ALTERNC_HTML . "/" . substr($login, 0, 1) . "/" . $login;

    // escapeshellarg() keeps the login-derived path a single shell argument.
    $sortie = array();
    exec("find " . escapeshellarg($absolute) . " -name .htpasswd|sort", $sortie);
    if (count($sortie) === 0) {
        $msg->raise("INFO", "hta", _("No protected folder"));
        return false;
    }

    // Capture what lies between "<root>/<letter>/<login>/" and "/.htpasswd".
    $pattern = "/^" . preg_quote(ALTERNC_HTML, "/") . "\/.\/[^\/]*\/(.*)\/\.htpasswd/";

    $r = array();
    foreach ($sortie as $found) {
        $matches = array();
        preg_match($pattern, $found, $matches);
        $relative = isset($matches[1]) ? '/' . $matches[1] : '';
        $r[] = $relative . "/";
    }
    return $r;
}
$r
Definition: aws_add.php:75
$i
const ALTERNC_HTML
Definition: bootstrap.php:10
$msg
Definition: config.php:155
$mem
Definition: bootstrap.php:71

The documentation for this class was generated from the following file: