2009-06-30 19:22:30 +10:00
|
|
|
<?php
|
2009-06-30 19:29:51 +10:00
|
|
|
/**
|
2009-07-01 16:09:17 +10:00
|
|
|
* Check the password used by an entry.
|
|
|
|
*
|
2009-06-30 19:29:51 +10:00
|
|
|
* @package phpLDAPadmin
|
2009-07-01 16:09:17 +10:00
|
|
|
* @subpackage Page
|
2009-06-30 19:29:51 +10:00
|
|
|
*/
|
2009-07-01 16:09:17 +10:00
|
|
|
|
2009-06-30 19:29:51 +10:00
|
|
|
/**
|
|
|
|
*/
|
2009-06-30 19:22:30 +10:00
|
|
|
|
|
|
|
require './common.php';
|
|
|
|
|
2009-07-01 16:09:17 +10:00
|
|
|
$www['page'] = new page();
|
|
|
|
|
|
|
|
$request = array();
|
|
|
|
$request['componentid'] = get_request('componentid','REQUEST');
|
2022-06-01 17:25:34 +02:00
|
|
|
$request['hash'] = get_request('hash','REQUEST',false,'');
|
|
|
|
$request['password'] = get_request('check_password','REQUEST',false,'');
|
2009-07-01 16:09:17 +10:00
|
|
|
$request['action'] = get_request('action','REQUEST');
|
2011-04-27 21:53:47 +10:00
|
|
|
$request['attribute'] = get_request('attr','REQUEST');
|
2009-06-30 19:22:30 +10:00
|
|
|
|
2009-06-30 20:46:00 +10:00
|
|
|
if (get_request('base64','REQUEST')) {
|
2009-07-01 16:09:17 +10:00
|
|
|
$request['hash'] = base64_decode($request['hash']);
|
|
|
|
$request['password'] = base64_decode($request['password']);
|
2009-06-30 19:22:30 +10:00
|
|
|
}
|
|
|
|
|
2009-07-01 16:09:17 +10:00
|
|
|
$request['enc_type'] = get_enc_type($request['hash']);
|
2009-06-30 20:46:00 +10:00
|
|
|
|
|
|
|
printf('<h3 class="subtitle">%s</h3>',_('Password Checker Tool'));
|
|
|
|
|
|
|
|
echo '<form action="password_checker.php" method="post">';
|
|
|
|
echo '<input type="hidden" name="action" value="compare" />';
|
2011-04-27 21:53:47 +10:00
|
|
|
printf('<input type="hidden" name="attr" value="%s" />',$request['attribute']);
|
2009-06-30 20:46:00 +10:00
|
|
|
|
2010-02-25 02:03:10 +11:00
|
|
|
echo '<table class="forminput" width="100%" border="0">';
|
2009-06-30 20:46:00 +10:00
|
|
|
|
|
|
|
echo '<tr>';
|
2009-06-30 21:51:50 +10:00
|
|
|
printf('<td class="heading">%s</td>',_('Compare'));
|
|
|
|
printf('<td><input type="%s" name="hash" id="hash" value="%s" /></td>',
|
2009-07-01 16:09:17 +10:00
|
|
|
(obfuscate_password_display($request['enc_type']) ? 'password' : 'text'),htmlspecialchars($request['hash']));
|
2009-06-30 20:46:00 +10:00
|
|
|
echo '</tr>';
|
|
|
|
|
|
|
|
echo '<tr>';
|
2009-06-30 21:51:50 +10:00
|
|
|
printf('<td class="heading">%s</td>',_('To'));
|
|
|
|
printf('<td><input type="password" name="check_password" value="%s" /></td>',
|
2009-07-01 16:09:17 +10:00
|
|
|
htmlspecialchars($request['password']));
|
2009-06-30 20:46:00 +10:00
|
|
|
echo '</tr>';
|
|
|
|
|
|
|
|
echo '<tr>';
|
|
|
|
echo '<td> </td>';
|
|
|
|
|
|
|
|
echo '<td><input type="submit" value="Compare" />';
|
2009-06-30 19:22:30 +10:00
|
|
|
|
2009-07-01 16:09:17 +10:00
|
|
|
if ($request['action'] == 'compare') {
|
2009-06-30 20:46:00 +10:00
|
|
|
echo ' <b>';
|
|
|
|
|
2011-04-27 21:53:47 +10:00
|
|
|
if (password_check($request['hash'],$request['password'],$request['attribute']))
|
2009-06-30 20:46:00 +10:00
|
|
|
printf('<span class="good">%s</span>',_('Passwords match!'));
|
|
|
|
else
|
|
|
|
printf('<span class="bad">%s</span>',_('Passwords do not match!'));
|
|
|
|
|
|
|
|
echo '</b>';
|
|
|
|
}
|
|
|
|
|
|
|
|
echo '</td>';
|
|
|
|
echo '</tr>';
|
|
|
|
echo '</table>';
|
|
|
|
echo '</form>';
|
|
|
|
|
2009-07-01 16:09:17 +10:00
|
|
|
# Pull our password from the form that opened this window.
|
|
|
|
if ($request['componentid']) {
|
|
|
|
echo '<script type="text/javascript">';
|
2009-08-22 21:30:50 +10:00
|
|
|
printf('var c = window.opener.document.getElementById("%s");',$request['componentid']);
|
|
|
|
printf('var h = document.getElementById("%s");','hash');
|
2009-06-30 20:46:00 +10:00
|
|
|
echo 'if (c && h) { h.value = c.value; }';
|
|
|
|
echo '</script>';
|
|
|
|
}
|
2009-07-01 16:09:17 +10:00
|
|
|
|
|
|
|
# Capture the output and put into the body of the page.
|
|
|
|
$www['body'] = new block();
|
|
|
|
$www['body']->SetBody(ob_get_contents());
|
|
|
|
$www['page']->block_add('body',$www['body']);
|
|
|
|
ob_end_clean();
|
|
|
|
|
|
|
|
# Render the popup.
|
|
|
|
$www['page']->display(array('CONTROL'=>false,'FOOT'=>false,'HEAD'=>false,'TREE'=>false));
|
2009-06-30 20:46:00 +10:00
|
|
|
?>
|