alert("Der Benutzer wurde nicht angelegt. (Enthält der Benutzername unzulässige Zeichen?)") '; } } if (isset($_GET['kill']) && $_GET['kill']) { $user=trim($_GET['kill']); if ( ! CheckHtaccess($GLOBALS['config']['htaccessfile']) || ( isset($_SERVER["PHP_AUTH_USER"]) && $strUser != $_SERVER["PHP_AUTH_USER"] ) ) { KillUser ($config['userfile'],$user); } else { $warnung.=''; } } if (isset($_POST['Ein']) && $_POST['Ein']) { $arUsers=GetUserArray($config['userfile']); if ( (isset($arUsers[0])) && ($arUsers[0]) ) { AddToHtaccess($config['htaccessfile'], $config['userfile'], $config['authname']); header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?tw='.md5(microtime())); exit; } else { $warnung.=''; } } if (isset($_POST['Aus']) && $_POST['Aus']) { DelFromHtaccess($config['htaccessfile']); } if (CheckHtaccess($config['htaccessfile'])) { $strSchutz="Der Verzeichnisschutz ist eingeschaltet."; $strShowEinbutton="none"; $strShowAusbutton="inline"; } else { $strSchutz="Der Verzeichnisschutz ist ausgeschaltet."; $strShowEinbutton="inline"; $strShowAusbutton="none"; } /* Funktionen */ function StripSlashesDeepInHash($hash) { if (! isset($hash)) { die ("Fatal: kein Wert an Funktion 'TrimAndStripSlashesDeepInHash' uebergeben. Datei: ".$_SERVER['SCRIPT_NAME']); } if (is_array($hash)) { $arKeys=array_keys($hash); foreach ($arKeys as $strKey) { if (is_array($hash[$strKey])) { $hash[$strKey]=StripSlashesDeepInHash($hash[$strKey]); } else { $hash[$strKey]=stripslashes($hash[$strKey]); } } } else { $hash=stripslashes($hash); } return $hash; } function GetUserArray($userfile) { $users=array(); $arLines=file($userfile); foreach ($arLines as $strLine) { $parts=array(); $parts=explode(':', $strLine,2); $parts[0]=trim($parts[0]); if ('' != $parts[0]) { $users[]=$parts[0]; } } $dummy=sort($users); return $users; } function PrintUserList($userfile) { $arUsers=GetUserArray($userfile); print " \n"; } function PrintFile($file) { $ar=file($file); $str=htmlentities(implode("",$ar)); print "
$str
"; } function KillUser($userfile, $user) { $newFile=''; $arFile=file($userfile); foreach ($arFile as $strLine) { $arLine=explode(':',$strLine,2); if ($arLine[0] != $user && $arLine[0] != '' && isset($arLine[1])) { $newFile.=$arLine[0].':'.trim($arLine[1])."\n"; } } $FH=fopen($userfile,'w'); fwrite ($FH, $newFile); fclose($FH); } function AddUser($userfile, $user, $password) { KillUser($userfile, $user); if (strpos(':',$user)) { return false; } $apachepassword = md5crypt_apache($password); $newline=$user.':'.$apachepassword ; $FH=fopen($userfile,'a'); fwrite ($FH, $newline); fclose($FH); return true; } function AddToHtaccess($htaccessfile, $userfile, $authname) { $text=' AuthType basic AuthName "'.$authname.'" AuthUserFile '.dirname($_SERVER['SCRIPT_FILENAME']).'/'.$userfile.' Require valid-user '; $FH=fopen($htaccessfile,'a'); fwrite ($FH, $text); fclose($FH); } function DelFromHtaccess($htaccessfile) { $write=true; $text=''; $arFile=array(); $arFile=file($htaccessfile); #print_r($arFile);exit; foreach ($arFile as $strLine) { $strLine=trim($strLine); if ($strLine !='') { if (! strpos($strLine, 'uth')) { if (! strpos($strLine, 'valid-user')) { $text.=$strLine."\n"; } } } } $FH=fopen($htaccessfile,'w'); fwrite ($FH, $text); fclose($FH); } function CheckHtaccess($htaccessfile) { $arFile=file($htaccessfile); $bol=false; foreach ($arFile as $strLine) { $strLine=trim($strLine); if ($strLine !='') { if (strpos($strLine, 'uth')) {$bol=true;} if (strpos($strLine, 'valid-user')) {$bol=true;} } } return $bol; } /** This part is based on a script written by - Dennis Riehle Based on - perl's Crypt::PasswdMD5 by Luis Munoz (lem@cantv.net) - phyton's md5crypt.py by Michal Wallace http://www.sabren.com/ - /usr/src/libcrypt/crypt.c from FreeBSD 2.2.5-RELEASE Many thanks to - Fabian Steiner without him this script would not work!! Version: 1.0 stable Last edit: Tue, 13 September 2005 13:49:28 GMT USAGE $cryptedpassword = md5crypt_unix ($password [, $salt [, $magicstring ]); $apachepassword = md5crypt_apache ($password [, $salt]); DESCRIPTION unix_md5_crypt() provides a crypt()-compatible interface to the rather new MD5-based crypt() function found in modern operating systems. It's based on the implementation found on FreeBSD 2.2.[56]-RELEASE and contains the following license in it: "THE BEER-WARE LICENSE" (Revision 42): wrote this file. As long as you retain this notice you can do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp apache_md5_crypt() provides a function compatible with Apache's .htpasswd files. This was contributed by Bryan Hart . */ function get_itoa64() { return './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; } function md5crypt_to64($v, $n) { $itoa64 = get_itoa64(); $ret = ''; while(--$n >= 0) { $ret .= $itoa64{$v & 0x3f}; $v = $v >> 6; } return $ret; } function md5crypt_apache($pw, $salt = NULL) { $Magic = '$apr1$'; return md5crypt_unix($pw, $salt, $Magic); } function md5crypt_unix($pw, $salt = NULL, $Magic = '$1$') { $itoa64 = get_itoa64(); if($salt !== NULL) { // Take care of the magic string if present if(substr($salt, 0, strlen($Magic)) == $Magic) { $salt = substr($salt, strlen($Magic), strlen($salt)); } // Salt can have up to 8 characters $parts = explode('$', $salt, 1); $salt = substr($parts[0], 0, 8); } else { $salt = ''; mt_srand((double)(microtime() * 10000000)); while(strlen($salt) < 8) { $salt .= $itoa64{mt_rand(0, strlen($itoa64)-1)}; # Jörg Reinholz: origin was strlen($itoa64) bit this generate one notice- index 64 not set. } } $ctx = $pw . $Magic . $salt; $final = pack('H*', md5($pw . $salt . $pw)); for ($pl = strlen($pw); $pl > 0; $pl -= 16) { $ctx .= substr($final, 0, ($pl > 16) ? 16 : $pl); } // Now the 'weird' xform for($i = strlen($pw); $i; $i >>= 1) { if($i & 1) { // This comes from the original version, $ctx .= pack("C", 0); // where a memset() is done to $final } else { // before this loop $ctx .= $pw{0}; } } $final = pack('H*', md5($ctx)); // The following is supposed to make // things run slower for($i = 0; $i < 1000; $i++) { $ctx1 = ''; if($i & 1) { $ctx1 .= $pw; } else { $ctx1 .= substr($final, 0, 16); } if($i % 3) { $ctx1 .= $salt; } if($i % 7) { $ctx1 .= $pw; } if($i & 1) { $ctx1 .= substr($final, 0, 16); } else { $ctx1 .= $pw; } $final = pack('H*', md5($ctx1)); } // Final xform $passwd = ''; $passwd .= md5crypt_to64((intval(ord($final{0})) << 16) |(intval(ord($final{6})) << 8) |(intval(ord($final{12}))),4); $passwd .= md5crypt_to64((intval(ord($final{1})) << 16) |(intval(ord($final{7})) << 8) |(intval(ord($final{13}))), 4); $passwd .= md5crypt_to64((intval(ord($final{2})) << 16) |(intval(ord($final{8})) << 8) |(intval(ord($final{14}))), 4); $passwd .= md5crypt_to64((intval(ord($final{3})) << 16) |(intval(ord($final{9})) << 8) |(intval(ord($final{15}))), 4); $passwd .= md5crypt_to64((intval(ord($final{4}) << 16) |(intval(ord($final{10})) << 8) |(intval(ord($final{5})))), 4); $passwd .= md5crypt_to64((intval(ord($final{11}))), 2); // Return the final string return $Magic . $salt . '$' . $passwd; } # end of the helpful script from Dennis Riehle ?> Passwortverwaltung

Benutzerverwaltung
für das Verzeichnis:

Hinweis: Um einem Benutzer ein neues Passwort zuzuweisen legen Sie diesen neu an. Vorheriges Löschen ist nicht notwendig.

Verzeichnisschutz:

 
Neuen Benutzer anlegen:


Benutzer löschen:

Hier sehen Sie Dateien, die mit diesem Skript bearbeitet werden.
Welche das sind bestimmen Sie im Konfigurationsteil.

Inhalt der Datei :
Inhalt der Datei :

Version 2.5.2 von Jörg Reinholz (http://www.fastix.de) - MD5 Passwortgenerator von Dennis Riehle (http://riehle-web.com)