slitaz-dev-tools rev 114

tazwikss: add password plugin
author Pascal Bellard <pascal.bellard@slitaz.org>
date Sat Jun 11 11:12:29 2011 +0200 (2011-06-11)
parents 8f1f1d4e50ad
children d0799b0951c5
files tazwikiss/rootfs/var/www/wiki/plugins/wkp_Password.sh
line diff
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/tazwikiss/rootfs/var/www/wiki/plugins/wkp_Password.sh	Sat Jun 11 11:12:29 2011 +0200
     1.3 @@ -0,0 +1,64 @@
     1.4 +# WARNING: not secure! You can add &action=edit to the URI and remove HASHPASSWORD...
     1.5 +plugin="Password"
     1.6 +description_fr="Ajoute un mot de passe &agrave; une page avec {PASSWORD=code}"
     1.7 +description="Add a password to a page with {PASSWORD=something}"
     1.8 +   
     1.9 +pagepass_hash()
    1.10 +{
    1.11 +	echo $1 | md5sum | cut -c1-8
    1.12 +}
    1.13 +
    1.14 +action()
    1.15 +{
    1.16 +	[ "$1" == "pagepass" ] || return 1
    1.17 +	uri="$SCRIPT_NAME?page=$(POST page)&auth=$(POST auth)"
    1.18 +	if [ "$(pagepass_hash $(POST pass))" == "$(POST hash)" ]; then
    1.19 +		header  "HTTP/1.0 302 Found" \
    1.20 +			"location: $uri" \
    1.21 +			"Set-Cookie: $(POST cookie)=$(POST hash)"
    1.22 +##			"Set-Cookie: $(POST cookie)=$(POST hash); Max-Age=3600; Path=$(dirname $SCRIPT_NAME); HttpOnly"
    1.23 +	else
    1.24 +		header  "HTTP/1.0 302 Found" \
    1.25 +			"location: $uri&error=1"
    1.26 +	fi
    1.27 +	exit 0
    1.28 +}
    1.29 +
    1.30 +formatBegin()
    1.31 +{
    1.32 +	hash="$(sed '/{HASHPASSWORD=.*}/!d;s/.*{HASHPASSWORD=\([^}]*\)}.*/\1/;q' <<EOT
    1.33 +$CONTENT
    1.34 +EOT
    1.35 +)"
    1.36 +	cookie="pagepass$(pagepass_hash $PWD$PAGE_txt)"
    1.37 +	if [ "$(COOKIE $cookie)" != "$hash" ]; then
    1.38 +		editable=false
    1.39 +		CONTENT="<form method=\"post\" action=\"?action=pagepass\">
    1.40 +<input type=\"hidden\" name=\"page\" value=\"$(GET page)\" /> \
    1.41 +<input type=\"hidden\" name=\"auth\" value=\"$(GET auth)\" /> \
    1.42 +<input type=\"hidden\" name=\"hash\" value=\"$hash\" /> \
    1.43 +<input type=\"hidden\" name=\"cookie\" value=\"$cookie\" /> \
    1.44 +$MDP <input type=\"text\" name=\"pass\" /> \
    1.45 +<input type=\"submit\" value=\"$DONE_BUTTON\" />
    1.46 +</form>"
    1.47 +	else
    1.48 +		CONTENT="$(sed 's/{HASHPASSWORD=[^}]*}//' <<EOT
    1.49 +$CONTENT
    1.50 +EOT
    1.51 +)"
    1.52 +	fi
    1.53 +}
    1.54 +
    1.55 +pagepass_sedexpr()
    1.56 +{
    1.57 +	sed '/{PASSWORD=.*}/!d;s/.*{PASSWORD=\([^}]*\)}.*/\1/' $1 | \
    1.58 +	while read pass; do
    1.59 +		echo -n "-e 's|{PASSWORD=$pass|{HASHPASSWORD=$(pagepass_hash $pass)|' "
    1.60 +	done
    1.61 +	echo -n "-e 's|{PASSWORD=}||' "
    1.62 +}
    1.63 +
    1.64 +writedPage()
    1.65 +{
    1.66 +	eval sed -i $(pagepass_sedexpr $1) $1 $BACKUP_DIR$PAGE_TITLE/*.bak
    1.67 +}