Initial commit.

lib/php/monica/passwd.inc.php

@@ -0,0 +1,104 @@
+<?php
+// File name:	passwd.inc.php
+// Description:	Extended PHP subroutine to manuplate passwords
+// Date:	2003-08-15
+// Author:	imacat <imacat@pristine.com.tw>
+// Copyright:	Copyright (C) 2003-2007 Pristine Communications
+
+// Set the include path
+if (!defined("INCPATH_SET")) {
+    require_once dirname(__FILE__) . "/incpath.inc.php";
+}
+// Referenced subroutines
+require_once "monica/encrypt.inc.php";
+require_once "monica/newsn.inc.php";
+
+// sync_saved_passwd: Set the passwords with the password registry
+function sync_saved_passwd(&$FORM, $dummy)
+{
+    // Do not process again
+    if (array_key_exists("_sync_saved_passwd", $FORM)) {
+        return;
+    }
+    // The passwd field
+    if (array_key_exists("passwd", $FORM)) {
+        // Empty password is provided.  Restore to the old password.
+        if ($FORM["passwd"] == "") {
+            unset($FORM["passid"]);
+        // A new password is provided
+        } elseif ($FORM["passwd"] != $dummy) {
+            $FORM["passid"] = _passwd_suspend($FORM["passwd"]);
+        // A previous valid password exists
+        } elseif (_passwd_prev_valid("passid", $FORM)) {
+            $FORM["passwd"] = _passwd_ret($FORM["passid"]);
+        // Invalid previous password.  Restore to the old password.
+        } else {
+            unset($FORM["passid"]);
+            $FORM["passwd"] = "";
+        }
+    }
+    // The passwd2 field
+    if (array_key_exists("passwd2", $FORM)) {
+        // Empty password is provided.  Restore to the old password.
+        if ($FORM["passwd2"] == "") {
+            unset($FORM["passid2"]);
+        // A new password is provided
+        } elseif ($FORM["passwd2"] != $dummy) {
+            $FORM["passid2"] = _passwd_suspend($FORM["passwd2"]);
+        // A previous valid password exists
+        } elseif (_passwd_prev_valid("passid2", $FORM)) {
+            $FORM["passwd2"] = _passwd_ret($FORM["passid2"]);
+        // Invalid previous password.  Restore to the old password.
+        } else {
+            unset($FORM["passid2"]);
+            $FORM["passwd2"] = "";
+        }
+    }
+    $FORM["_sync_saved_passwd"] = true;
+    return;
+}
+
+// _passwd_suspend: Suspend a password
+function _passwd_suspend($password)
+{
+    // Initialize the password registry
+    if (!array_key_exists("savepass", $_SESSION)) {
+        $_SESSION["savepass"] = array();
+    }
+    
+    // Generate a new random password ID
+    $passid = new_sn_assoc($_SESSION["savepass"]);
+    $_SESSION["savepass"][$passid] = encrypt($password);
+    return $passid;
+}
+
+// _passwd_ret: Retrieve a password
+function _passwd_ret($passid)
+{
+    return decrypt($_SESSION["savepass"][$passid]);
+}
+
+// _passwd_prev_valid: If there is a previously-saved password
+function _passwd_prev_valid($col, $FORM)
+{
+    // Password ID does not exist
+    if (!array_key_exists($col, $FORM)) {
+        return false;
+    }
+    // Password registry not initialized yet
+    if (!array_key_exists("savepass", $_SESSION)) {
+        return false;
+    }
+    // Password does not exists in the registry
+    if (!array_key_exists($FORM[$col], $_SESSION["savepass"])) {
+        return false;
+    }
+    // We can't decrypt it
+    $passwd = decrypt($_SESSION["savepass"][$FORM[$col]]);
+    if (is_null($passwd)) {
+        return false;
+    }
+    return true;
+}
+
+?>