ce1d010b85
Clear masterkey after "See" or "Add" action
138 lines
4.6 KiB
PHP
138 lines
4.6 KiB
PHP
<?php
|
|
/*
|
|
Copyright (C) 2013-2014 Grégory Soutadé
|
|
|
|
This file is part of gPass.
|
|
|
|
gPass is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
gPass is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with gPass. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
include('functions.php');
|
|
|
|
include('conf.php');
|
|
|
|
session_start();
|
|
|
|
$user = "";
|
|
|
|
if ($ADMIN_MODE && isset($_POST['create_user']))
|
|
{
|
|
if (create_user($_POST['user']))
|
|
$user = $_POST['user'];
|
|
}
|
|
else
|
|
{
|
|
if (isset($_POST['get_passwords']) && isset($_POST['user']))
|
|
return list_entries($_POST['user']);
|
|
|
|
if (isset($_POST['add_entry']) && isset($_POST['user']) &&
|
|
isset($_POST['login']) && isset($_POST['password']))
|
|
return add_entry($_POST['user'], $_POST['login'], $_POST['password']);
|
|
|
|
if (isset($_POST['delete_entry']) && isset($_POST['user']) &&
|
|
isset($_POST['login']))
|
|
return delete_entry($_POST['user'], $_POST['login']);
|
|
}
|
|
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" >
|
|
<link rel="stylesheet" type="text/css" href="ressources/gpass.css" />
|
|
<script language="javascript">
|
|
<?php
|
|
echo "pkdbf2_level=$PKDBF2_LEVEL;\n";
|
|
?>
|
|
</script>
|
|
<script src="ressources/jsaes.js"></script>
|
|
<script src="ressources/jssha256.js"></script>
|
|
<script src="ressources/hmac.js"></script>
|
|
<script src="ressources/pkdbf2.js"></script>
|
|
<script src="ressources/gpass.js"></script>
|
|
<script src="ressources/pwdmeter.js"></script>
|
|
<title>gPass : global Password</title>
|
|
</head>
|
|
<body onload="start();">
|
|
<div id="logo">
|
|
<a href="http://indefero.soutade.fr/p/gpass"><img src="ressources/gpass.png" alt="logo"/></a>
|
|
</div>
|
|
|
|
<div id="admin" <?php if (!$ADMIN_MODE) echo "style=\"display:none\"";?> >
|
|
<form method="post">
|
|
<input type="text" name="user"/> <input type="submit" name="create_user" value="Create user" onclick="return confirm('Are you sure want to create this user ?');"/>
|
|
</form>
|
|
</div>
|
|
<div id="user">
|
|
<?php
|
|
global $user;
|
|
$users = scandir("./users/");
|
|
$count = 0;
|
|
foreach($users as $u)
|
|
{
|
|
if (is_dir("./users/" . $u) && $u[0] != '_' && $u[0] != '.')
|
|
$count++;
|
|
}
|
|
|
|
if ($count == 0)
|
|
echo "<b>No user found</b><br/>\n";
|
|
else
|
|
{
|
|
echo "<b>User</b> <select id=\"selected_user\" name=\"user\" onchange=\"document.getElementById('master_key').value = ''\">" . "\n";
|
|
foreach($users as $u)
|
|
{
|
|
if (is_dir("./users/" . $u) && $u[0] != '_' && $u[0] != '.')
|
|
{
|
|
if ($user == "") $user = $u;
|
|
if ($user == $u)
|
|
echo "<option value=\"$u\" selected=\"1\"/>$u</option>";
|
|
else
|
|
echo "<option value=\"$u\"/>$u</option>";
|
|
}
|
|
}
|
|
echo "</select>\n";
|
|
echo ' <b>Master key </b> <input id="master_key" type="password" onkeypress="if (event.keyCode == 13) update_master_key(true);"/>';
|
|
echo "<input type=\"button\" value=\"See\" onclick=\"update_master_key(true);\" />" . "\n";
|
|
|
|
if (!isset($_SERVER['HTTPS']))
|
|
echo "<div id=\"addon_address\">Current addon address is : http://" . $_SERVER['SERVER_NAME'] . "/" . $user . "</div>\n";
|
|
else
|
|
echo "<div id=\"addon_address\">Current addon address is : https://" . $_SERVER['SERVER_NAME'] . "/" . $user . "</div>\n";
|
|
}
|
|
?>
|
|
<div id="passwords">
|
|
</div>
|
|
<div id="add_new_password">
|
|
<?php
|
|
global $user;
|
|
|
|
if ($user != "")
|
|
{
|
|
echo "<b>Add a new password</b><br/>\n";
|
|
|
|
echo 'URL <input type="text" name="url"/>';
|
|
echo 'login <input type="text" name="login" />';
|
|
echo 'password <input id="new_password" type="text" name="password"/>';
|
|
echo 'master key <input type="text" name="mkey" onkeypress="if (event.keyCode == 13) add_password();" onkeyup="chkPass(this.value);"/>';
|
|
echo '<input type="button" value="Generate password" onClick="generate_password();"/>';
|
|
echo "<input type=\"button\" name=\"add\" value=\"Add\" onclick=\"add_password();\"/>";
|
|
echo "<br />";
|
|
echo '<div><a href="http://en.wikipedia.org/wiki/Password_strength">Master key strength</a><div id="scorebarBorder"><div id="score">0%</div><div id="scorebar"> </div></div></div>';
|
|
}
|
|
?>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html>
|