Full JS : first pass, all seems to work execpt add/delete/update
This commit is contained in:
Gregory Soutade
136
server/index.php
Executable file → Normal file
136
server/index.php
Executable file → Normal file
@@ -25,62 +25,34 @@ session_start();
|
||||
$VIEW_CIPHERED_PASSWORDS=true;
|
||||
$ADMIN_MODE=true;
|
||||
|
||||
$mkey = (isset($_POST['mkey'])) ? $_POST['mkey'] : "";
|
||||
$user = (isset($_POST['user'])) ? $_POST['user'] : "";
|
||||
if (isset($_GET['get_passwords']) && isset($_GET['user']))
|
||||
return list_entries($_GET['user']);
|
||||
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" >
|
||||
<link rel="stylesheet" type="text/css" href="ressources/gpass.css" />
|
||||
<script src="ressources/jssha256.js"></script>
|
||||
<script src="ressources/hmac.js"></script>
|
||||
<script src="ressources/pkdbf2.js"></script>
|
||||
<script src="ressources/gpass.js"></script>
|
||||
<?php
|
||||
global $user;
|
||||
if ($user == "")
|
||||
echo "<title>gPass : global Password</title>\n";
|
||||
else
|
||||
echo "<title>gPass : global Password - $user</title>\n";
|
||||
?>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<?php
|
||||
global $mkey;
|
||||
if ($ADMIN_MODE && isset($_POST['create_user']))
|
||||
{
|
||||
if (create_user($_POST['user']))
|
||||
$user = $_POST['user'];
|
||||
}
|
||||
else
|
||||
{
|
||||
if (isset($_POST['add']))
|
||||
add_entry($user, $mkey, $_POST['url'], $_POST['login'], $_POST['pwd']);
|
||||
else if (isset($_POST['delete']))
|
||||
delete_entry($user, $_POST['login_ciph']);
|
||||
else if (isset($_POST['update']))
|
||||
update_entry($user, $mkey, $_POST['login_ciph'], $_POST['url'], $_POST['login'], $_POST['pwd']);
|
||||
}
|
||||
?>
|
||||
|
||||
<div id="logo">
|
||||
<a href="http://indefero.soutade.fr/p/gpass"><img src="ressources/gpass.png" alt="logo"/></a>
|
||||
</div>
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" >
|
||||
<link rel="stylesheet" type="text/css" href="ressources/gpass.css" />
|
||||
<script src="ressources/jsaes.js"></script>
|
||||
<script src="ressources/jssha256.js"></script>
|
||||
<script src="ressources/hmac.js"></script>
|
||||
<script src="ressources/pkdbf2.js"></script>
|
||||
<script src="ressources/gpass.js"></script>
|
||||
<title>gPass : global Password</title>
|
||||
</head>
|
||||
<body onload="start();">
|
||||
<div id="logo">
|
||||
<a href="http://indefero.soutade.fr/p/gpass"><img src="ressources/gpass.png" alt="logo"/></a>
|
||||
</div>
|
||||
|
||||
<div id="admin" <?php if (!$ADMIN_MODE) echo "style=\"display:none\"";?> >
|
||||
<form method="post">
|
||||
<input type="text" name="user"/> <input type="submit" name="create_user" value="Create user" onclick="return confirm('Are you sure want to create this user ?');"/>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
<form method="post">
|
||||
<input type="text" name="user"/> <input type="submit" name="create_user" value="Create user" onclick="return confirm('Are you sure want to create this user ?');"/>
|
||||
</form>
|
||||
</div>
|
||||
<div id="user">
|
||||
<form method="post" id="select_user">
|
||||
<?php
|
||||
global $user;
|
||||
global $mkey;
|
||||
|
||||
$users = scandir("./users/");
|
||||
$count = 0;
|
||||
foreach($users as $u)
|
||||
@@ -93,7 +65,7 @@ if ($count == 0)
|
||||
echo "<b>No user found</b><br/>\n";
|
||||
else
|
||||
{
|
||||
echo '<b>User</b> <select id="selected_user" name="user">' . "\n";
|
||||
echo "<b>User</b> <select id=\"selected_user\" name=\"user\" onchange=\"document.getElementById('master_key').value = ''\">" . "\n";
|
||||
foreach($users as $u)
|
||||
{
|
||||
if (is_dir("./users/" . $u) && $u[0] != '_' && $u[0] != '.')
|
||||
@@ -106,64 +78,16 @@ else
|
||||
}
|
||||
}
|
||||
echo "</select>\n";
|
||||
echo ' <b>Master key </b> <input id="see_password" type="password" name="mkey"/>';
|
||||
echo "<input name=\"see\" type=\"submit\" value=\"See\" onclick=\"if (document.getElementById('see_password').value == '') return true; a=document.getElementById('selected_user') ; return derive_mkey(a.options[a.selectedIndex].value, 'see_password') ;\"/>" . "\n";
|
||||
echo ' <b>Master key </b> <input id="master_key" type="password" onkeypress="if (event.keyCode == 13) update_master_key();"/>';
|
||||
echo "<input type=\"button\" value=\"See\" onclick=\"update_master_key();\" />" . "\n";
|
||||
|
||||
if ($_SERVER['HTTPS'] == "")
|
||||
echo "<div id=\"addon_address\">Current addon address is : http://" . $_SERVER['SERVER_NAME'] . "/" . $user . "</div>\n";
|
||||
else
|
||||
echo "<div id=\"addon_address\">Current addon address is : https://" . $_SERVER['SERVER_NAME'] . "/" . $user . "</div>\n";
|
||||
}
|
||||
?>
|
||||
</form>
|
||||
<?php
|
||||
global $user;
|
||||
if ($_SERVER['HTTPS'] == "")
|
||||
echo "<div id=\"addon_address\">Current addon address is : http://" . $_SERVER['SERVER_NAME'] . "/" . $user . "</div>\n";
|
||||
else
|
||||
echo "<div id=\"addon_address\">Current addon address is : https://" . $_SERVER['SERVER_NAME'] . "/" . $user . "</div>\n";
|
||||
|
||||
?>
|
||||
<div id="passwords">
|
||||
<?php
|
||||
global $user;
|
||||
global $mkey;
|
||||
global $VIEW_UNCIPHERED_PASSWORDS;
|
||||
|
||||
if ($user != "")
|
||||
{
|
||||
$nb_unciphered = 0;
|
||||
list($nb_ciphered, $entries) = list_entries($user, $mkey);
|
||||
|
||||
echo "<b>" . (count($entries) - $nb_ciphered) . " unciphered password(s)</b><br/>\n";
|
||||
foreach($entries as $entry)
|
||||
{
|
||||
if ($entry['ciphered'] == 1) continue;
|
||||
echo '<form method="post">' . "\n";
|
||||
echo '<input type="hidden" name="user" value="' . $user . '"/>';
|
||||
echo '<input type="hidden" name="mkey" value="' . $mkey . '"/>';
|
||||
echo '<input type="hidden" name="login_ciph" value="' . $entry['login_ciph'] . '"/>';
|
||||
echo 'URL <input type="text" name="url" value="' . $entry['url'] . '"/>';
|
||||
echo 'login <input type="text" name="login" value="' . $entry['login'] . '"/>';
|
||||
echo 'password <input type="text" name="pwd" value="' . $entry['password'] . '"/>';
|
||||
echo '<input type="submit" name="delete" value="Delete" onclick="return confirm(\'Are you sure want to delete this password ?\');"/>';
|
||||
echo '<input type="submit" name="update" value="Update" onclick="return confirm(\'Are you sure want to update this password ?\');"/>';
|
||||
echo '</form>' . "\n";
|
||||
}
|
||||
|
||||
echo "<br/><br/>\n";
|
||||
echo "<b>$nb_ciphered ciphered password(s)</b><br/>\n";
|
||||
if ($VIEW_CIPHERED_PASSWORDS)
|
||||
{
|
||||
foreach($entries as $entry)
|
||||
{
|
||||
if ($entry['ciphered'] == 0) continue;
|
||||
echo '<form method="post">' . "\n";
|
||||
echo '<input type="hidden" name="user" value="' . $user . '"/>';
|
||||
echo '<input type="hidden" name="mkey" value="' . $mkey . '"/>';
|
||||
echo '<input class="hash" type="text" name="login_ciph" value="' . $entry['login_ciph'] . '"/>';
|
||||
echo '<input class="hash" type="text" name="pwd" value="' . $entry['password'] . '"/>';
|
||||
echo '<input type="submit" name="delete" value="Delete" onclick="return confirm(\'Are you sure want to delete this password ?\');"/>';
|
||||
echo '</form>' . "\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
<div id="add_new_password">
|
||||
<?php
|
||||
@@ -187,4 +111,4 @@ if ($user != "")
|
||||
</div>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
</html>
|
||||
|
||||
Reference in New Issue
Block a user