Server side :
* Add $ADMIN_MODE to enable create users * Add protocol version (1 for now) * Give priority to letters in password generator Client side : * Don't still use global variable to get document after loading * Add email type in possible values for username (used by gmail)
This commit is contained in:
parent
6099b39329
commit
a994074db0
|
@ -26,8 +26,6 @@ var pkdbf2 = require("pkdbf2").pkdbf2;
|
|||
var aes = require("jsaes").aes;
|
||||
var parseURI = require("parseuri").parseURI;
|
||||
var prefSet = require("simple-prefs");
|
||||
// Global document
|
||||
var doc;
|
||||
var DEBUG = false;
|
||||
|
||||
|
||||
|
@ -68,13 +66,13 @@ function on_sumbit()
|
|||
salt = parseURI.parseUri(prefSet.prefs["account_url"]);
|
||||
salt = salt["host"] + salt["path"];
|
||||
|
||||
console.log("salt " + salt);
|
||||
debug("salt " + salt);
|
||||
|
||||
// Get all <input type="text">
|
||||
for (i=0; i<fields.length; i++)
|
||||
{
|
||||
var field = fields[i];
|
||||
if (field.getAttribute("type") == "text")
|
||||
if (field.getAttribute("type") == "text" || field.getAttribute("type") == "email")
|
||||
{
|
||||
if (field.hasAttribute("name"))
|
||||
my_map.put(field.getAttribute("name"), field.value);
|
||||
|
@ -131,9 +129,21 @@ function on_sumbit()
|
|||
gPassRequest.addEventListener("load", function(evt) {
|
||||
r = this.responseText.split("\n");
|
||||
debug("resp " + r);
|
||||
if (r[0] != "<end>" && r[0].startsWith("pass="))
|
||||
protocol = r[0].split("=");
|
||||
if (protocol[1] != "1")
|
||||
{
|
||||
ciphered_password = r[0].split("=");
|
||||
ret = false;
|
||||
notifications.notify({
|
||||
title: "gPasss",
|
||||
text: "Protocol version not supported, please upgrade your addon",
|
||||
data: "Protocol version not supported, please upgrade your addon",
|
||||
});
|
||||
}
|
||||
else
|
||||
{
|
||||
if (r[1] != "<end>" && r[1].startsWith("pass="))
|
||||
{
|
||||
ciphered_password = r[1].split("=");
|
||||
ciphered_password = ciphered_password[1];
|
||||
debug("Ciphered password : " + ciphered_password);
|
||||
clear_password = aes.decryptLongString(hex2a(ciphered_password), aes.init(mkey));
|
||||
|
@ -156,6 +166,7 @@ function on_sumbit()
|
|||
data: "No password found in database",
|
||||
});
|
||||
}
|
||||
}
|
||||
}, false);
|
||||
gPassRequest.addEventListener("error", function(evt) {
|
||||
debug("error");
|
||||
|
@ -179,10 +190,11 @@ function on_sumbit()
|
|||
|
||||
function document_loaded(event)
|
||||
{
|
||||
doc = event.target;
|
||||
// If there is a password in the form, add a "submit" listener
|
||||
for(i=0; i<doc.document.forms.length; i++)
|
||||
for(i=0; i<doc.forms.length; i++)
|
||||
{
|
||||
var form = doc.document.forms[i];
|
||||
var form = doc.forms[i];
|
||||
var fields = form.getElementsByTagName("input");
|
||||
for (a=0; a<fields.length; a++)
|
||||
{
|
||||
|
@ -202,8 +214,7 @@ var httpRequestObserver =
|
|||
{
|
||||
if (topic == "content-document-global-created")
|
||||
{
|
||||
doc = subject;
|
||||
doc.addEventListener("DOMContentLoaded", document_loaded, false);
|
||||
subject.addEventListener("DOMContentLoaded", document_loaded, false);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
|
|
@ -23,6 +23,7 @@ include('functions.php');
|
|||
session_start();
|
||||
|
||||
$VIEW_CIPHERED_PASSWORDS=true;
|
||||
$ADMIN_MODE=true;
|
||||
|
||||
$mkey = (isset($_POST['mkey'])) ? $_POST['mkey'] : "";
|
||||
$user = (isset($_POST['user'])) ? $_POST['user'] : "";
|
||||
|
@ -48,7 +49,7 @@ else
|
|||
|
||||
<?php
|
||||
global $mkey;
|
||||
if (isset($_POST['create_user']))
|
||||
if ($ADMIN_MODE && isset($_POST['create_user']))
|
||||
{
|
||||
if (create_user($_POST['user']))
|
||||
$user = $_POST['user'];
|
||||
|
@ -68,7 +69,7 @@ else
|
|||
<a href="http://indefero.soutade.fr/p/gpass"><img src="ressources/gpass.png" alt="logo"/></a>
|
||||
</div>
|
||||
|
||||
<div id="admin">
|
||||
<div id="admin" <?php if (!$ADMIN_MODE) echo "style=\"display:none\"";?> >
|
||||
<form method="post">
|
||||
<input type="text" name="user"/> <input type="submit" name="create_user" value="Create user" onclick="return confirm('Are you sure want to create this user ?');"/>
|
||||
</form>
|
||||
|
|
|
@ -31,12 +31,16 @@ function load_database()
|
|||
return $db;
|
||||
}
|
||||
|
||||
$PROTOCOL_VERSION = 1;
|
||||
|
||||
$db = load_database();
|
||||
|
||||
$res = "";
|
||||
|
||||
$statement = $db->prepare("SELECT password FROM gpass WHERE login=:login");
|
||||
|
||||
echo "protocol=$PROTOCOL_VERSION\n";
|
||||
|
||||
for ($i=0; isset($_POST["k$i"]); $i++)
|
||||
{
|
||||
$statement->bindValue(":login", $_POST["k$i"]);
|
||||
|
|
|
@ -37,13 +37,12 @@ function generate_password()
|
|||
// numbers 48 - 57
|
||||
// upper 65 - 90
|
||||
// lower 97 - 122
|
||||
var symbols = new Array(40, 47, 48, 57, 65, 90, 97, 122, 123, 126);
|
||||
// var symbols = new Array(32, 47, 58, 64, 91, 96, 123, 126, 48, 57, 65, 90, 97, 122);
|
||||
// Give priority to letters (65 - 122 duplicated in front and end of array)
|
||||
var symbols = new Array(65, 90, 97, 122, 40, 47, 48, 57, 65, 90, 97, 122, 123, 126, 65, 90, 97, 122);
|
||||
|
||||
field = document.getElementById("new_password");
|
||||
|
||||
var res = "";
|
||||
//for(i=0; i<16; i++)
|
||||
while (res.length < 16)
|
||||
{
|
||||
a = Math.round(Math.random() * (symbols.length/2) * 2);
|
||||
|
|
Loading…
Reference in New Issue
Block a user