Introduce shadow logins
This commit is contained in:
Gregory Soutade
@@ -24,25 +24,49 @@ include('conf.php');
|
||||
|
||||
session_start();
|
||||
|
||||
$user = "";
|
||||
$user = '';
|
||||
|
||||
if ($ADMIN_MODE && isset($_POST['create_user']))
|
||||
{
|
||||
if (create_user($_POST['user']))
|
||||
$user = addslashes($_POST['user']);
|
||||
if (create_user($user))
|
||||
$user = $_POST['user'];
|
||||
else
|
||||
$user = '';
|
||||
}
|
||||
else
|
||||
{
|
||||
$user = sanitize('user');
|
||||
$login = sanitize('login');
|
||||
$shadow_login = sanitize('shadow_login');
|
||||
$password = sanitize('password');
|
||||
$access_token = sanitize('access_token');
|
||||
$access_tokens = sanitize('access_tokens');
|
||||
$salt = sanitize('salt');
|
||||
|
||||
if (isset($_POST['get_secure_passwords']) && isset($_POST['user']) &&
|
||||
isset($_POST['access_tokens']))
|
||||
return get_secure_entries($user, $access_tokens);
|
||||
|
||||
if (isset($_POST['get_passwords']) && isset($_POST['user']))
|
||||
return list_entries($_POST['user']);
|
||||
return list_entries($user);
|
||||
|
||||
if (isset($_POST['add_entry']) && isset($_POST['user']) &&
|
||||
isset($_POST['login']) && isset($_POST['password']))
|
||||
return add_entry($_POST['user'], $_POST['login'], $_POST['password']);
|
||||
isset($_POST['login']) && isset($_POST['password']) &&
|
||||
isset($_POST['shadow_login']) && isset($_POST['salt']) &&
|
||||
isset($_POST['access_token']) )
|
||||
return add_entry($user,
|
||||
$login,
|
||||
$password,
|
||||
$shadow_login,
|
||||
$salt,
|
||||
$access_token);
|
||||
|
||||
if (isset($_POST['delete_entry']) && isset($_POST['user']) &&
|
||||
isset($_POST['login']))
|
||||
return delete_entry($_POST['user'], $_POST['login']);
|
||||
isset($_POST['login']) && isset($_POST['access_token']))
|
||||
return delete_entry($user,
|
||||
$login,
|
||||
$access_token);
|
||||
}
|
||||
|
||||
?>
|
||||
@@ -50,24 +74,24 @@ else
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" >
|
||||
<link rel="icon" type="image/png" href="ressources/favicon.png" />
|
||||
<link rel="stylesheet" type="text/css" href="ressources/gpass.css" />
|
||||
<link rel="icon" type="image/png" href="resources/favicon.png" />
|
||||
<link rel="stylesheet" type="text/css" href="resources/gpass.css" />
|
||||
<script language="javascript">
|
||||
<?php
|
||||
echo "pkdbf2_level=$PKDBF2_LEVEL;\n";
|
||||
echo "pkdbf2_level=$PKDBF2_LEVEL; use_shadow_logins=$USE_SHADOW_LOGINS;\n";
|
||||
?>
|
||||
</script>
|
||||
<script src="ressources/jsaes.js"></script>
|
||||
<script src="ressources/jssha256.js"></script>
|
||||
<script src="ressources/hmac.js"></script>
|
||||
<script src="ressources/pkdbf2.js"></script>
|
||||
<script src="ressources/gpass.js"></script>
|
||||
<script src="ressources/pwdmeter.js"></script>
|
||||
<script src="resources/jsaes.js"></script>
|
||||
<script src="resources/jssha256.js"></script>
|
||||
<script src="resources/hmac.js"></script>
|
||||
<script src="resources/pkdbf2.js"></script>
|
||||
<script src="resources/gpass.js"></script>
|
||||
<script src="resources/pwdmeter.js"></script>
|
||||
<title>gPass : global Password</title>
|
||||
</head>
|
||||
<body onload="start();">
|
||||
<div id="logo">
|
||||
<a href="http://indefero.soutade.fr/p/gpass"><img src="ressources/gpass.png" alt="logo"/></a>
|
||||
<a href="http://indefero.soutade.fr/p/gpass"><img src="resources/gpass.png" alt="logo"/></a>
|
||||
</div>
|
||||
|
||||
<div id="admin" <?php if (!$ADMIN_MODE) echo "style=\"display:none\"";?> >
|
||||
|
||||
Reference in New Issue
Block a user