. */ include("conf.php"); function load_database() { global $REQUESTS_MIN_DELAY; try { $db = new SQLite3("./gpass.bdd", SQLITE3_OPEN_READWRITE); } catch(Exception $e) { die("Unable to load database for user $user !
"); return null; } list($usec, $sec) = explode(" ", microtime()); $usec = $usec + $sec*1000; try { $last_time = $db->querySingle("SELECT last_access_time FROM conf"); if ($last_time <= $usec && ($usec - $last_time) < $REQUESTS_MIN_DELAY) { // Brute force ?? $db->close(); return null; } $db->query("UPDATE conf SET last_access_time=$usec"); $db->close(); $db = new SQLite3("./gpass.bdd", SQLITE3_OPEN_READONLY); } catch(Exception $e) { $db->close(); die("Unable to load database for user $user !
"); return null; } return $db; } $PROTOCOL_VERSION = 4; $db = load_database(); echo "protocol=gpass-$PROTOCOL_VERSION\n"; if ($PBKDF2_LEVEL != 1000) echo "pbkdf2_level=$PBKDF2_LEVEL\n"; if ($db) { $statement = $db->prepare("SELECT password FROM gpass WHERE login=:login"); for ($i=0; $i<$MAX_PASSWORDS_PER_REQUEST && isset($_POST["k$i"]); $i++) { $statement->bindValue(":login", addslashes($_POST["k$i"])); $result = $statement->execute(); $row = $result->fetchArray(SQLITE3_ASSOC); $result->finalize(); if (isset($row["password"])) { echo "matched_key=" . $i . "\n"; echo "pass=" . $row["password"] . "\n"; break; } } $statement->close(); } echo ""; ?>