I have a programmer that has written a script for me but it's for php5 and normally, that'd be ok, but I have a client that uses a server with php4 on it - and he's told me that the scripts he runs on his sites would have to be rewritten to work with php5 so it's not a viable solution to get him to upgrade.
My programmer had a family emergency and won't be around for a few weeks - hence the "I'm screwed"..
My clients will put these 2 scripts on their webserver and basically what it does is write users to their htpasswd file. Can someone please point me in the right direction of which portions need to be changed to work on php4?
<?
$password_file = '/.htpasswd'; //full unix path to your htpasswd password file.
$keyphrase = ''; //make up a passphrase and enter it here
if($keyphrase != $_REQUEST[kp]) { exit('Invalid Keyphrase'); }
require('post.php-shown_below');
if($_REQUEST[action] == 'test') {
if(!file_exists($password_file)) {
exit('Password File Not Found');
}
else {
exit('OK');
}
}
elseif($_REQUEST[action] == 'add') {
$pwmanager = new htpasswd($password_file);
$pwmanager->create($_REQUEST[username], $_REQUEST[password]);
$pwmanager->save();
exit('OK');
}
elseif($_REQUEST[action] == 'delete') {
$pwmanager = new htpasswd($password_file);
$pwmanager->remove($_REQUEST[username]);
$pwmanager->save();
exit('OK');
}
else {
exit('Invalid Action.');
}
?>
<?
class htpasswd{
public $users;
public $error;
private $_path;
function htpasswd($file=false){
if(!$file){
die('Please specify a file!');
}else{
//configure
$this->_path = $file;
$this->users = '';
//load database
if(file_exists($file)){
$data = array();
$fcontents = file($file);
while(list($line_num, $line) = each($fcontents)){
$user = explode(':',$line);
//$user = $arraydata[0];
$data[$user[0]] = rtrim($user[1]);
}
$this->users = $data;
}
}
}
function create($user, $passwd, $update=false){
$this->error = '';
if(isset($this->users[$user]) && !$update){
$this->error = 'User <strong>'.$user.'</strong> exists! To update the user set the update parameter to true.';
return false;
}
$this->users[$user] = $this->rand_salt_crypt($passwd);
return true;
}
function remove($user){
$this->error = '';
if(isset($this->users[$user])){
unset($this->users[$user]);
return true;
}else{
$this->error = 'User <strong>'.$user.'</strong> does not exist!';
return false;
}
}
function users(){
$this->error = '';
$rval = Array();
if(is_array($this->users)){
foreach(array_keys($this->users) as $uid){
$rval[count($rval)] = $uid;
}
}
return $rval;
}
function validate($user, $pass){
$this->error = '';
if(!isset($this->users[$user])) return False;
$crypted = $this->users[$user];
if(substr($crypted, 0, 6) == "{SSHA}"){
$ohash = base64_decode(substr($crypted, 6));
return substr($ohash, 0, 20) == pack("H*", sha1($pass . substr($ohash, 20)));
}elseif(substr($crypted, 0, 5) == "{SHA}"){
return ($this->non_salted_sha1($pass) == $crypted);
}else{
return ($pass == $crypted);
}
}
function save($file=false){
$fcontents = "";
if($file == false) $file = $this->_path;
foreach(array_keys($this->users) as $user){
$fcontents .= $user.":".$this->users[$user]."\n";
}
if(file_put_contents($file, $fcontents)){
$this->error = '';
return true;
}else{
$this->error = 'Couldn\'t save the file!';
return false;
}
}
//encryption functions
function rand_salt_crypt($pass){
$salt = "";
mt_srand((double)microtime()*1000000);
for ($i=0; $i<CRYPT_SALT_LENGTH; $i++)
$salt .= substr("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./", mt_rand() & 63, 1);
return "$apr1$".crypt($pass, $salt);
}
function rand_salt_sha1($pass){
mt_srand((double)microtime()*1000000);
$salt = pack("CCCC", mt_rand(), mt_rand(), mt_rand(), mt_rand());
return "{SSHA}".base64_encode(pack("H*", sha1($pass . $salt)) . $salt);
}
function non_salted_sha1($pass){
return "{SHA}".base64_encode(pack("H*", sha1($pass)));
}
}
?>