Stefan Ostermann 8 роки тому
батько
коміт
6a9a41d21a

+ 3 - 0
sites/html/htadmin/config/config.ini

@@ -7,6 +7,9 @@ app_title = HTAdmin
 # Path to html files which have to be secured: 
 secure_path  = ../test/
 
+# Use metadata (not yet implemented):
+use_metadata = false
+
 # Default password = admin
 # Change this for live!
 admin_user = admin

+ 15 - 2
sites/html/htadmin/index.php

@@ -4,7 +4,8 @@ include_once ('tools/htpasswd.php');
 include_once ('includes/head.php');
 include_once ('includes/nav.php');
 
-$htpasswd = new htpasswd ( $ini ['secure_path'] );
+$htpasswd = new htpasswd ( $ini ['secure_path'], true);
+$use_metadata = $ini ['use_metadata'];
 
 ?>
 
@@ -72,8 +73,20 @@ if (isset ( $_POST ['user'] )) {
 			<ul class="list-group">
 			<?php
 			$users = $htpasswd->get_users ();
+			if ($use_metadata) {
+				$meta_map = $htpasswd->get_metadata();
+			}
+			
 			foreach ( $users as $user ) {
-				echo "<li class='list-group-item list-item-with-button id-" . htmlspecialchars ( $user ) . "' onclick=\"setUserField('" . $user . "');\">" . htmlspecialchars ( $user ) . "<a class='btn btn-danger btn-list-item pull-right' " . "onclick=\"deleteUser('" . $user . "');\"" . "href='#' >Delete</a>" . "</li>\n";
+				echo "<li class='list-group-item list-item-with-button id-" . htmlspecialchars ( $user ) . 
+				" ' onclick=\"setUserField('" . htmlspecialchars ( $user ) . "');\">" . 
+				htmlspecialchars ( $user ) . " ";
+				if ($use_metadata && isset ($meta_map[$user])) {
+					echo $meta_map[$user]->email . " " .
+					$meta_map[$user]->name . " ";
+				}				
+				"<a class='btn btn-danger btn-list-item pull-right' " . 
+				"onclick=\"deleteUser('" . htmlspecialchars ( $user ) . "');\"" . "href='#' >Delete</a>" . "</li>\n";
 			}
 			?>
 			</ul>

+ 7 - 0
sites/html/htadmin/model/meta_model.php

@@ -0,0 +1,7 @@
+<?php 
+class meta_model {
+	var $user;
+	var $email;
+	var $name;
+}	
+?>

+ 63 - 24
sites/html/htadmin/tools/htpasswd.php

@@ -1,47 +1,77 @@
 <?php
-
+include_once("model/meta_model.php");
 /**
  * htpasswd tools for Apache Basic Auth. 
  * Uses crypt only!
-  *
+ *
  */
 class htpasswd {
 	var $fp;
+	var $metafp;
 	var $filename;
-	
+	var $metafilename;
+	var $use_metadata;
+
+	/* All ht-files. These files are stored within the secured folder. */
 	const HTPASSWD_NAME = ".htpasswd";
 	const HTACCESS_NAME = ".htaccess";
-
+	const HTMETA_NAME	= ".htmeta";
 	
-	function htpasswd($configpath) {
+	function htpasswd($configpath, $use_metadata = false) {
 		$path = realpath($configpath);
 		$htaccessfile = $path . "/" . self::HTACCESS_NAME;
 		$htpasswdfile = $path . "/" . self::HTPASSWD_NAME;
+		@$this->use_metadata = $use_metadata;
 		
 		if (!file_exists($htaccessfile)) {
 			$bdfp = fopen($htaccessfile, 'w');
-			$htaccess_content = "AuthType Basic\nAuthName \"Password Protected Area\"\nAuthUserFile \"" . $htpasswdfile . "\"\nRequire valid-user";
+			$htaccess_content = "AuthType Basic\nAuthName \"Password Protected Area\"\nAuthUserFile \"" . $htpasswdfile . 
+			"\"\nRequire valid-user" .
+			"<Files .ht*>\nOrder deny,allow\nDeny from all\n</Files>";
 			fwrite($bdfp,$htaccess_content);
 		}
+		
+		@$this->fp = @$this::open_or_create($htpasswdfile);
+		
+		if ($use_metadata) {
+			$htmetafile = $path . "/" . self::HTMETA_NAME;
+			@$this->metafp = @$this::open_or_create($htmetafile);				
+		}
 
-		if (!file_exists($htpasswdfile)) {
-			@$this->fp = fopen ( $htpasswdfile, 'w+' );
+		$this->filename 	= $htpasswdfile;
+		$this->metafilename = $htmetafile;
+	}
+	
+	function open_or_create($filename) {
+		if (!file_exists($filename)) {
+			return fopen ( $filename, 'w+' );
 		} else {
-			@$this->fp = fopen ( $htpasswdfile, 'r+' ) or die ( 'Invalid file name' );
+			return fopen ( $filename, 'r+' );
 		}
-		
-
-		
-		
-		$this->filename = $htpasswdfile;
 	}
+	
 	function user_exists($username) {
 		rewind ( $this->fp );
 		while ( ! feof ( $this->fp ) && trim ( $lusername = array_shift ( explode ( ":", $line = rtrim ( fgets ( $this->fp ) ) ) ) ) ) {
 			if ($lusername == $username)
-				return 1;
+				return true;
 		}
-		return 0;
+		return false;
+	}
+	
+	function get_metadata() {
+		rewind ( $this->metafp );
+		$meta_model_map = array();
+		$metaarr = array();
+		while ( ! feof ( $this->metafp ) && $line = rtrim ( fgets ( $this->metafp ) ) ) {
+				$metaarr = explode(":", $line);
+				$model = new meta_model();
+				$model->user = $metaarr[0];
+				$model->email = $metaarr[1];
+				$model->name = $metaarr[2];
+				$meta_model_map[$model->user] = $model;
+		}
+		return $meta_model_map;
 	}
 	
 	function get_users() {
@@ -98,21 +128,30 @@ class htpasswd {
 	
 	
 	function user_delete($username) {
+		return self::delete(@$this->fp, $username, @$this->filename);
+	}
+	
+	function meta_delete($username) {
+		return self::delete(@$this->metafp, $username, @$this->metafilename);
+	}
+	
+	static function delete($fp, $username, $filename) {
 		$data = '';
-		rewind ( $this->fp );
-		while ( ! feof ( $this->fp ) && trim ( $lusername = array_shift ( explode ( ":", $line = rtrim ( fgets ( $this->fp ) ) ) ) ) ) {
+		rewind ( $fp );
+		while ( ! feof ( $fp ) && trim ( $lusername = array_shift ( explode ( ":", $line = rtrim ( fgets ( $fp ) ) ) ) ) ) {
 			if (! trim ( $line ))
 				break;
-			if ($lusername != $username)
-				$data .= $line . "\n";
+				if ($lusername != $username)
+					$data .= $line . "\n";
 		}
-		$this->fp = fopen ( $this->filename, 'w' );
-		fwrite ( $this->fp, rtrim ( $data ) . (trim ( $data ) ? "\n" : '') );
-		fclose ( $this->fp );
-		$this->fp = fopen ( $this->filename, 'r+' );
+		$fp = fopen ( $filename, 'w' );
+		fwrite ( $fp, rtrim ( $data ) . (trim ( $data ) ? "\n" : '') );
+		fclose ( $fp );
+		$fp = fopen ( $filename, 'r+' );
 		return true;
 	}
 	
+	
 	function user_update($username, $password) {
 		rewind ( $this->fp );
 		while ( ! feof ( $this->fp ) && trim ( $lusername = array_shift ( explode ( ":", $line = rtrim ( fgets ( $this->fp ) ) ) ) ) ) {