2 // PukiWiki - Yet another WikiWikiWeb clone.
4 // Copyright 2001-2017 PukiWiki Development Team
5 // License: GPL v2 or (at your option) any later version
7 // MD5 plugin: Allow to convert password/passphrase
8 // * PHP sha1() -- If you have sha1() or mhash extension
11 // * LDAP SHA / SSHA -- If you have sha1() or mhash extension
15 // User interface of pkwk_hash_compute() for system admin
16 function plugin_md5_action()
20 if (PKWK_SAFE_MODE || PKWK_READONLY) die_message('Prohibited by admin');
23 $phrase = isset($post['phrase']) ? $post['phrase'] : '';
28 // If plugin=md5&md5=password, only set it (Don't compute)
29 $value = isset($get['md5']) ? $get['md5'] : '';
32 'msg' =>'Compute userPassword',
33 'body'=>plugin_md5_show_form(isset($post['phrase']), $value));
36 // Compute (Don't show its $phrase at the same time)
38 $prefix = isset($post['prefix']);
39 $salt = isset($post['salt']) ? $post['salt'] : '';
41 // With scheme-prefix or not
42 if (! preg_match('/^\{.+\}.*$/', $salt)) {
43 $scheme = isset($post['scheme']) ? '{' . $post['scheme'] . '}': '';
44 $salt = $scheme . $salt;
50 //($prefix ? 'userPassword: ' : '') .
51 pkwk_hash_compute($phrase, $salt, $prefix, TRUE));
55 // $nophrase = Passphrase is (submitted but) empty
56 // $value = Default passphrase value
57 function plugin_md5_show_form($nophrase = FALSE, $value = '')
59 if (PKWK_SAFE_MODE || PKWK_READONLY) die_message('Prohibited');
60 if (strlen($value) > PKWK_PASSPHRASE_LIMIT_LENGTH)
61 die_message('Limit: malicious message length');
63 if ($value != '') $value = 'value="' . htmlsc($value) . '" ';
65 $sha1_enabled = function_exists('sha1');
66 $sha1_checked = $md5_checked = '';
68 $sha1_checked = 'checked="checked" ';
70 $md5_checked = 'checked="checked" ';
73 $self = get_base_uri();
76 <p><strong>NOTICE: Don't use this feature via untrustful or unsure network</strong></p>
80 if ($nophrase) $form .= '<strong>NO PHRASE</strong><br />';
83 <form action="$self" method="post">
85 <input type="hidden" name="plugin" value="md5" />
86 <label for="_p_md5_phrase">Phrase:</label>
87 <input type="text" name="phrase" id="_p_md5_phrase" size="60" $value/><br />
90 if ($sha1_enabled) $form .= <<<EOD
91 <input type="radio" name="scheme" id="_p_md5_sha1" value="x-php-sha1" />
92 <label for="_p_md5_sha1">PHP sha1()</label><br />
96 <input type="radio" name="scheme" id="_p_md5_md5" value="x-php-md5" />
97 <label for="_p_md5_md5">PHP md5()</label><br />
98 <input type="radio" name="scheme" id="_p_md5_crpt" value="x-php-crypt" />
99 <label for="_p_md5_crpt">PHP crypt() *</label><br />
102 if ($sha1_enabled) $form .= <<<EOD
103 <input type="radio" name="scheme" id="_p_md5_lssha" value="SSHA" $sha1_checked/>
104 <label for="_p_md5_lssha">LDAP SSHA (sha-1 with a seed) *</label><br />
105 <input type="radio" name="scheme" id="_p_md5_lsha" value="SHA" />
106 <label for="_p_md5_lsha">LDAP SHA (sha-1)</label><br />
110 <input type="radio" name="scheme" id="_p_md5_lsmd5" value="SMD5" $md5_checked/>
111 <label for="_p_md5_lsmd5">LDAP SMD5 (md5 with a seed) *</label><br />
112 <input type="radio" name="scheme" id="_p_md5_lmd5" value="MD5" />
113 <label for="_p_md5_lmd5">LDAP MD5</label><br />
115 <input type="radio" name="scheme" id="_p_md5_lcrpt" value="CRYPT" />
116 <label for="_p_md5_lcrpt">LDAP CRYPT *</label><br />
118 <input type="checkbox" name="prefix" id="_p_md5_prefix" checked="checked" />
119 <label for="_p_md5_prefix">Add scheme prefix (RFC2307, Using LDAP as NIS)</label><br />
121 <label for="_p_md5_salt">Salt, '{scheme}', '{scheme}salt', or userPassword itself to specify:</label><br />
122 <input type="text" name="salt" id="_p_md5_salt" size="60" /><br />
124 <input type="submit" value="Compute" /><br />
127 <p>* = Salt enabled<p/>