From 01f64f72fe240fdfc10f52eba4908090c2fc1acb Mon Sep 17 00:00:00 2001 From: "m.fu" Date: Sun, 5 Jun 2011 21:54:17 +0200 Subject: 7.x-1.0 is the first 7.x compatible release. by stfwi Additional features are: (stfwi) - htgroup file now optinoal - optional remove whitespaces from user names - optional user names lowercase - optional specify a domain where emails shall be exported as well as htuser login Fixes: (stfwi) - fixed htgroup/htpassed compliancy (sanatizing names) - fixed "liberal admin permissions" by moving into config menu - fixed php5 deprecated functions (such as split() ) --- CHANGELOG.txt | 28 +- HTPasswdSync.info | 10 +- HTPasswdSync.install | 88 ++--- HTPasswdSync.module | 1060 ++++++++++++++++++++++++++++---------------------- README.txt | 7 +- 5 files changed, 639 insertions(+), 554 deletions(-) mode change 100644 => 100755 CHANGELOG.txt mode change 100644 => 100755 HTPasswdSync.info mode change 100644 => 100755 HTPasswdSync.install mode change 100644 => 100755 HTPasswdSync.module mode change 100644 => 100755 README.txt diff --git a/CHANGELOG.txt b/CHANGELOG.txt old mode 100644 new mode 100755 index 0058af6..fbb5559 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,27 +1,3 @@ +$Id: CHANGELOG.txt,v 1.0.0 2011/06/01 00:08:53 stfwi Exp $ -Fixed #588208 by ikogan : username shall not contain colon - -v1.4 bug fix release -Fixed #588208 by ikogan : fixed the colon detection -Fixed #611020 by fasdalf@fasdalf.ru : group file not updated when adding user - -v1.3 bug fix release -Fixed #588208 by ikogan : username with t are concidered invalid - -v1.2 bug fix release -Fixed #503718 by m.fu : htpassword corruption when enabling/disabling user -Fixed #437904 by fasdalf@fasdalf.ru : group file not generated properly, now happen on after_update -Fixed #437844 by fasdalf@fasdalf.ru : error when deleting one user -Fixed #503726 by m.fu: group file no longer contain disabled users -Added #503720 by m.fu : option to overwrite htpasswd -Fixed #503724 by m.fu : validation of username, must be htpasswd compatible -Fixed #437852 by fasdalf@fasdalf.ru : name change is detected and handled properly - -v1.1 bug fix release -Fixed #409406 by fasdalf@fasdalf.ru : remove comma in htgroup file -Added #408798 by fasdalf@fasdalf.ru : request for windows support - windows does not support crypt password hash - added support for SHA-1 password hash which is supported by windows. -Fixed : group file not allways updated. - -v1.0 Initial release \ No newline at end of file +v1.0 Initial release for DP7 diff --git a/HTPasswdSync.info b/HTPasswdSync.info old mode 100644 new mode 100755 index b43630b..d890e3f --- a/HTPasswdSync.info +++ b/HTPasswdSync.info @@ -1,3 +1,9 @@ +; $Id: HTPasswdSync.info, stfwi Exp $ name = HTPasswdSync -description = This module will duplicate all users changes in the configured htpasswd file. -core = 6.x \ No newline at end of file +description = Export user login data into htpasswd and htgroup files. +core = 7.x + +version = "7.x-1.0-dev" +core = "7.x" +project = "htpasswdsync" + diff --git a/HTPasswdSync.install b/HTPasswdSync.install old mode 100644 new mode 100755 index de25918..77e5112 --- a/HTPasswdSync.install +++ b/HTPasswdSync.install @@ -1,59 +1,53 @@ array( - 'username' => array( - 'description' => 'The {users}.username.', - 'type' => 'varchar', - 'length' => 33, - 'not null' => TRUE, - 'default' => 0, - ), - 'passwd' => array( - 'description' => 'The crypted (crypt) password.', - 'type' => 'varchar', - 'length' => 33, - 'not null' => TRUE, - 'default' => '', - ), - ), - 'primary key' => array('username'), + $schema['htpasswdsync_passwd'] = array( + 'fields' => array( + 'username' => array( + 'description' => 'The {users}.username.', + 'type' => 'varchar', + 'length' => 64, + 'not null' => true, + 'default' => 0, + ), + 'passwd' => array( + 'description' => 'The crypted (crypt) password.', + 'type' => 'varchar', + 'length' => 64, + 'not null' => true, + 'default' => '', + ), + ), + 'primary key' => array('username'), ); return $schema; } +?> \ No newline at end of file diff --git a/HTPasswdSync.module b/HTPasswdSync.module old mode 100644 new mode 100755 index 886c440..e563dec --- a/HTPasswdSync.module +++ b/HTPasswdSync.module @@ -1,359 +1,362 @@ $p) { - if ($u != "" && $p != "") { - fputs($f, $u .":". $p ."\n"); +function _htpasswdsync_sanatize_name($name) { + $name = trim(preg_replace('/[^\w\s]/i', '', $name), " \t\n\r"); + if(_htpasswdsync_names_without_whitespace()) $name = str_replace(' ','', $name); + if(_htpasswdsync_names_lowercase()) $name = strtolower($name); + return $name; +} + + +/** + * Returns the password hashed according to users preferences + * @param string $password + * @return string + */ +function _htpasswdsync_crypt($password) { + $hashes = _htpasswdsync_hashes(); + switch ($hashes[_htpasswdsync_hash()]) { + case 'crypt': + return crypt($password, chr(rand(65, 122)) . chr(rand(65, 122))); + break; + case 'SHA-1': + return '{SHA}' . base64_encode(sha1($password, TRUE)); + break; + default: + return _htpasswdsync_hash(); } - } - fclose($f); - } - -/* generate the htgroup content - * +} + +/** + * Checks if a file (given by path) exitsts and is writable. Returns false + * on success, an error message on error. + * @param string $path + * @return mixed + */ +function _htpasswdsync_check_file($path) { + if(is_file($path) && is_writable($path) && is_readable($path)) { + return false; + } else if(!is_file($path)) { + return t("File '!file' does not exists, you should create it.", + array('!file' => $path)); + } else if(!is_readable($path)) { + return t("File '!file' exists but is not readable for the server. Use chmod command to change this.", + array('!file' => $path)); + } else { + return t("File '!file' exists but is not writable for the server. Use chmod command to change this.", + array('!file' => $path)); + } +} + + +/** + * Read htfile in an assoc. array (key=user, value=password hash) + * @param string $file + * @return array + */ +function _htpasswdsync_read_htfile($file) { + $content = file_get_contents($file); + if($content === false) { + watchdog('HtPasswdSync', "Failed to read $file", WATCHDOG_ERROR); + } else { + $data = array(); + $content = explode("\n", $content); + foreach($content as $line) { + $line = trim($line); + if(!empty($line)) { + $line = explode(':', $line, 2); + if(count($line) == 2) { + $line[0] = trim($line[0]); + $line[1] = trim($line[1]); + if(strlen($line[0]) > 0 && strlen($line[1]) > 0) { + $data[$line[0]] = $line[1]; + } + } + } + } + } + return $data; +} + + +/** + * Write an htfile + * @param array &$data + * @param string $file + * @return void + */ +function _htpasswdsync_write_htfile(&$data, $file) { + $content = array(); + foreach($data as $u => $p) { + if(strlen($u) > 0 && strlen($p) > 0) { + $content[] = "$u:$p"; + } + } + if(file_put_contents($file, implode("\n", $content) . "\n") === false) { + watchdog('HtPasswdSync', "Failed to write $file", WATCHDOG_ERROR); + } +} + + +/** + * Generate the htgroup content * for each role configured (htpasswdsync_roles array), list users * and update the htgroup accordingly - * - * @param - * @return - */ - function _htpasswdsync_updategroup() { - $file = _htpasswdsync_grpfilename(); - $groups = array(); - - // if we overwrite, then why botter reading the previous file - if (! _htpasswdsync_overwrite()) { - _htpasswdsync_read_htfile($groups, $file); - } - - foreach (_htpasswdsync_roles() as $rid) { - // get role name - $res = db_fetch_object(db_query('SELECT name FROM {role} WHERE rid = %d', $rid)); - $name = $res->name; - - //empty group - $groups[$name] = ""; - - // add members to the group - $res = db_query('SELECT name FROM {users} u, {users_roles} ur WHERE ur.rid = %d AND ur.uid = u.uid AND status = 1', $rid); - while ($r = db_fetch_object($res)) { - $groups[$name] .= " ". $r->name; + * @return + */ +function _htpasswdsync_updategroup() { + $file = _htpasswdsync_grpfilename(); + $groups = array(); + + if($file == "") { + return; } - } - _htpasswdsync_write_htfile($groups, $file); - } + $mail_domain = _htpasswdsync_email_domain(); + + if(! _htpasswdsync_overwrite()) { + $groups = _htpasswdsync_read_htfile($file); + } -/* generate the htpasswd content from the database - * - * update the htpasswd file from the table htpasswdsync_passwd - * - * @param - * @return - */ + foreach(_htpasswdsync_roles() as $rid) { + $roles = db_query('SELECT name FROM {role} WHERE rid = :rid', array(':rid' => $rid)); + foreach($roles as $role) { + if(strlen(trim($role->name)) > 0) { + $role = _htpasswdsync_sanatize_name($role->name); + $groups[$role] = ''; + $users = db_query('SELECT u.name, u.mail FROM {users} AS u, {users_roles} AS ur WHERE ur.rid = :rid AND ur.uid = u.uid AND status = 1', array(':rid' => $rid)); + foreach($users as $user) { + $groups[$role] .= ' ' . _htpasswdsync_sanatize_name($user->name); + if($mail_domain != '') { + $user->mail = strtolower($user->mail); + if(strpos($user->mail, $mail_domain) !== false) { + $user->mail = reset(explode('@', $user->mail, 2)); + $groups[$role] .= ' ' . _htpasswdsync_sanatize_name($user->mail); + } + } + } + } + break; // fetch max. one role + } + } + _htpasswdsync_write_htfile($groups, $file); +} + + +/** + * Generate the htpasswd content from the database update the htpasswd file + * from the table htpasswdsync_passwd + * @return void + */ function _htpasswdsync_updatepasswd() { - $file = _htpasswdsync_passfilename(); - $passwords = array(); - - // if we overwrite, then why botter reading the previous file - if (! _htpasswdsync_overwrite()) { - _htpasswdsync_read_htfile($passwords, $file); - } - //get all users - $res = db_query('SELECT username, passwd FROM {htpasswdsync_passwd}, {users} WHERE name=username and status = 1'); - while ($r = db_fetch_object($res)) { - if ($r->passwd == "****DELETED") { - unset($passwords[$r->username]); + $file = _htpasswdsync_passfilename(); + $passwords = array(); + + if($file == "") { + return; } - else { - $passwords[$r->username] = $r->passwd; + + $overwrite = _htpasswdsync_overwrite(); + $mail_domain = _htpasswdsync_email_domain(); + + if(!$overwrite) { + $passwords = _htpasswdsync_read_htfile($file); } - } - _htpasswdsync_write_htfile($passwords, $file); + + $res = db_query('SELECT A.username, A.passwd, B.mail FROM {htpasswdsync_htpasswd} AS A, {users} AS B WHERE name=username and status = 1'); + foreach($res as $r) { + if(!$overwrite) { + if(isset($passwords[str_replace(' ','', $r->username)])) unset($passwords[str_replace(' ','', $r->username)]); + if(isset($passwords[str_replace(' ','', strtolower($r->username))])) unset($passwords[str_replace(' ','', strtolower($r->username))]); + if(isset($passwords[strtolower($r->username)])) unset($passwords[strtolower($r->username)]); + } + if($r->passwd == "****DELETED" || $r->passwd == '') { + if(isset($passwords[$r->username])) unset($passwords[$r->username]); + if(isset($passwords[$r->mail])) unset($passwords[$r->mail]); + } else { + $passwords[_htpasswdsync_sanatize_name($r->username)] = $r->passwd; + if($mail_domain != '') { + $r->mail = strtolower($r->mail); + if(strpos($r->mail, $mail_domain) !== false) { + $r->mail = reset(explode('@', $r->mail, 2)); + $passwords[_htpasswdsync_sanatize_name($r->mail)] = $r->passwd; + } + + } + } + } + _htpasswdsync_write_htfile($passwords, $file); } - -/* update htpassword table with the new password of the user - * - * @param $edit - * fields that have been edited - * @param $account - * account of the user to update - * @return - */ - function _htpasswdsync_update($edit, $account) { - - if (isset($edit["pass"]) && $edit["pass"] <> "") { - // update with the $account information received - // password crypted with the standard crypt (not MD5) function - $user = $account->name; - $pass = _htpasswdsync_crypt($edit['pass']); - $passwds[$user] = $pass; - - //update table - db_query("DELETE FROM {htpasswdsync_passwd} WHERE username = '%s'", $user); - db_query("INSERT INTO {htpasswdsync_passwd} (username, passwd) VALUES('%s', '%s')", $user, $pass); - _htpasswdsync_commit_to_htpasswd(); - } - if (isset($edit['name']) && $edit['name'] <> $account->name) { - // we are changing username - $r = db_query("SELECT username,passwd from {htpasswdsync_passwd} WHERE username = '%s'", $account->name); - $user = db_fetch_object($r); - db_query("DELETE FROM {htpasswdsync_passwd} WHERE username = '%s'", $user->username); - db_query("DELETE FROM {htpasswdsync_passwd} WHERE username = '%s'", $edit['name']); - db_query("INSERT INTO {htpasswdsync_passwd} (username, passwd) VALUES('%s', '%s')", $edit['name'], $user->passwd); - _htpasswdsync_commit_to_htpasswd(); - } + +/** + * Update htpassword table with the new password of the user + * @param object $edit + * @return void + */ +function _htpasswdsync_update($edit) { + if(isset($edit->pass) && $edit->pass != '' && isset($edit->name) && strlen(trim($edit->name)) > 0) { + $user = $edit->name; + $pass = _htpasswdsync_crypt($edit->pass); + $passwds[$user] = $pass; + if(isset($edit->uid) && $edit->uid > 0) { + $ref_user = user_load($edit->uid); + if($ref_user->name != $user) { + db_query("DELETE FROM {htpasswdsync_htpasswd} WHERE username = :username", array(':username' => $ref_user->name)); + } + } + db_query("DELETE FROM {htpasswdsync_htpasswd} WHERE username = :user", array(':user' => $user)); + db_query("INSERT INTO {htpasswdsync_htpasswd} (username, passwd) VALUES(:user, :pass)", array(':user' => $user, ':pass' => $pass)); + _htpasswdsync_commit_to_htpasswd(); + } } -/* update htpassword file with the new password of the user - * - * @param $account - * account of the user to update - * @return - */ + +/** + * Update htpassword file with the new password of the user + * @return void + */ function _htpasswdsync_commit_to_htpasswd() { - // update passwd file with new status - _htpasswdsync_updatepasswd(); - _htpasswdsync_updategroup(); + _htpasswdsync_updatepasswd(); + _htpasswdsync_updategroup(); } -/* remove the one user for the htpassword file - * - * @param $username - * username of account to delete - * @return - */ + +/** + * Remove the one user for the htpassword file + * @param string $username + * @return void + */ function _htpasswdsync_delete_user($username) { - db_query("DELETE FROM {htpasswdsync_passwd} WHERE username = '%s'", $username); - db_query("INSERT INTO {htpasswdsync_passwd} (username, passwd) VALUES('%s', '%s')", $username, "****DELETED"); + db_query("DELETE FROM {htpasswdsync_htpasswd} WHERE username = :username", array(':username' => $username)); + db_query("INSERT INTO {htpasswdsync_htpasswd} (username, passwd) VALUES(:username, :passwd)", array(':username' => $username, ':passwd' => "****DELETED") ); } - -/* remove the user for the htpassword file - * - * @param $account - * array of account to delete - * @return - */ + +/** + * Remove the user for the htpassword file + * @param object $account + * @return void + */ function _htpasswdsync_delete($account) { - if (isset($account['accounts'])) { - foreach ($account['accounts'] as $a) { - $r = db_query("SELECT name FROM {users} WHERE uid = %d", $a); - $user = db_fetch_object($r); - _htpasswdsync_delete_user($user->name); - } - } - elseif (isset($account['_account'])) { - _htpasswdsync_delete_user($user->name); - } - _htpasswdsync_commit_to_htpasswd(); + _htpasswdsync_delete_user($account->name); + _htpasswdsync_commit_to_htpasswd(); } - /** -* Validate user form input -* here we refuse username with characters that are not supported -* in htpasswd files -* @param $edit field submited -* @return none -*/ + +/** + * Validate user form input here we refuse username with characters that are + * not supported in htpasswd files + * @param $edit field submited + * @return none + */ function _htpasswdsync_validate($edit, $account) { - if (isset($edit['name'])) { + if(isset($edit['name'])) { if (ereg('[:[:space:]]', $edit['name'])) { - form_set_error('htpasswdsync', + form_set_error('htpasswdsync', t('The username contains an illegal character, like <space>, :')); } } -} // htpasswdsync_validate +} - /** -* Display help and module information -* @param path which path of the site we're displaying help -* @param arg array that holds the current path as would be returned from arg() function -* @return help text for the path -*/ + +/** + * Returns help and module information + * @param string $path which path of the site we're displaying help + * @param array $arg Holds the current path as would be returned from arg() function + * @return string + */ function htpasswdsync_help($path, $arg) { $output = ''; //declare your output variable switch ($path) { @@ -362,190 +365,297 @@ function htpasswdsync_help($path, $arg) { break; } return $output; -} // function htpasswdsync_help +} + /** -* Valid permissions for this module -* @return array An array of valid permissions for the htpasswdsync module +* Returns the required permissions for the htpasswdsync module +* @return array */ -function htpasswdsync_perm() { - return array('administer htpasswdsync'); -} // function htpasswdsync_perm() - -/* - * Implementation of hook_user() - */ -function htpasswdsync_user($op, &$edit, &$account, $category = NULL) { - switch ($op) { - case "delete": - _htpasswdsync_delete($edit); - break; - case "insert": - _htpasswdsync_update($edit, $account); - break; - case "update": - _htpasswdsync_update($edit, $account); - break; - case "after_update": - _htpasswdsync_commit_to_htpasswd(); - break; - case "validate": - _htpasswdsync_validate($edit, $account); - break; - case "load": - _htpasswdsync_updategroup(); - break; - } -} // function htpasswdsync_user() +function htpasswdsync_permission() { + return array( + 'user' => array( + 'title' => t('Administer htpasswd synchronization'), + 'restrict access' => true + ) + ); +} -function htpasswdsync_admin() { +/** + * User cancel hook + * @param array $edit + * @param object $account + * @param string $method + * @return void + */ +function htpasswdsync_user_cancel($edit, $account, $method) { + _htpasswdsync_delete($account); +} - $form['htpasswdsync_htpasswd'] = array( - '#type' => 'textfield', - '#title' => t('htpasswd file'), - '#default_value' => _htpasswdsync_passfilename(), - '#size' => 100, - '#maxlength' => 200, - '#description' => t("Where is stored the !file file we want to synchronize with.", - array('!file' => 'htpasswd')), - '#required' => TRUE, - ); - $form['htpasswdsync_htgroup'] = array( - '#type' => 'textfield', - '#title' => t('htgroup file'), - '#default_value' => _htpasswdsync_grpfilename(), - '#size' => 100, - '#maxlength' => 200, - '#description' => t("Where is stored the !file file we want to synchronize with.", - array('!file' => 'htgroup')), - '#required' => TRUE, - ); - $form['htpasswdsync_hash'] = array( - '#type' => 'radios', - '#title' => t('password hashing algorythm'), - '#description' => t("How shall the password be hashed (crypt for unix, SHA1 for all)"), - '#options' => _htpasswdsync_hashes(), - '#default_value' => _htpasswdsync_hash(), - ); - $form['htpasswdsync_roles'] = array( - '#type' => 'checkboxes', - '#title' => t('Roles to be exported in htgroup'), - '#default_value' => _htpasswdsync_roles(), - '#options' => user_roles(TRUE), - ); - $form['htpasswdsync_overwrite'] = array( - '#type' => 'checkbox', - '#title' => t('is htpasswd file only managed by this module'), - '#default_value' => _htpasswdsync_overwrite(), - ); - - return system_settings_form($form); -} - - -/* Test if a file exist and is writable - * - * @param $filename - * name of the file - * @return - * return false on success, otherwise an error message + +/** + * User delete hook + * @param object $account + * @return void */ -function _htpasswdsync_check_file($file) { - $f = @fopen($file, "r"); - if (!$f) { - return t("File '!file' does not exists, you should create it.", - array('!file' => $file)); - } - else { - fclose($f); - $f = @fopen($file, "a"); - if (!$f) { - return t("cannot write to file '!file'.", array('!file' => $file)); - } - else { - fclose($f); +function htpasswdsync_user_delete($account) { + _htpasswdsync_delete($account); +} + + +/** + * User insert/edit hook. Used instead of htpasswdsync_user_insert() and + * htpasswdsync_user_update() because at these states the password is already + * hashed. + * @param array &$edit + * @param object $account + * @param string $category + * @return void + */ +function htpasswdsync_field_attach_submit($entity_type, $entity, $form, &$form_state) { + if($entity_type != 'user') return; + if(!empty($entity->name) && !empty($entity->pass)) { + _htpasswdsync_update($entity); } - } - return FALSE; } -function htpasswdsync_admin_validate($form, &$form_state) { - $file = $form_state['values']['htpasswdsync_htpasswd']; - if ($msg = _htpasswdsync_check_file($file)) { - form_set_error('htpasswdsync_htpasswd', $msg); - } +/** + * Role delete hook + * @param object $role + * @return void + */ +function htpasswdsync_user_role_update($role) { + _htpasswdsync_updategroup(); +} - $file = $form_state['values']['htpasswdsync_htgroup']; - if ($msg = _htpasswdsync_check_file($file)) { - form_set_error('htpasswdsync_htpasswd', $msg); - } + +/** + * Role delete hook + * @param object $role + * @return void + */ +function htpasswdsync_user_role_delete($role) { + _htpasswdsync_updategroup(); } -function htpasswdsync_menu() { - $items = array(); +/** + * Returns the configuration form structure + * @return array + */ +function htpasswdsync_admin() { + $form['htpasswdsync_htpasswd'] = array( + '#type' => 'textfield', + '#title' => t('htpasswd file'), + '#default_value' => _htpasswdsync_passfilename(), + '#size' => 100, + '#maxlength' => 200, + '#description' => t("The full path to the !file file (e.g. !eg_file).", array('!file' => 'htpasswd', '!eg_file' => '/etc/httpd/htpasswd')), + '#required' => true, + ); + $form['htpasswdsync_htgroup'] = array( + '#type' => 'textfield', + '#title' => t('htgroup file'), + '#default_value' => _htpasswdsync_grpfilename(), + '#size' => 100, + '#maxlength' => 200, + '#description' => t("The full path to the !file file (e.g. /etc/httpd/htgroup). Leave blank if you don't need a group file. If you enter a group file here, then you must also define a htpasswd file above.", array('!file' => 'htgroup')), + '#required' => false, + ); + $form['htpasswdsync_hash'] = array( + '#type' => 'radios', + '#title' => t('password hashing algorythm'), + '#description' => t("How shall the password be hashed (crypt only available for unix, SHA1 can be used on all platforms)"), + '#options' => _htpasswdsync_hashes(), + '#default_value' => _htpasswdsync_hash(), + ); + $form['htpasswdsync_roles'] = array( + '#type' => 'checkboxes', + '#title' => t('Roles to be exported into the htgroup file'), + '#default_value' => _htpasswdsync_roles(), + '#options' => user_roles(true), + ); + $form['htpasswdsync_overwrite'] = array( + '#type' => 'checkbox', + '#title' => t('htpasswd file is only managed by this module'), + '#description' => t("If yes, manually added users in the user file will be removed. If no, only the users stored in the database will be changed/added/deleted."), + '#default_value' => _htpasswdsync_overwrite(), + ); + $form['htpasswdsync_names_lowercase'] = array( + '#type' => 'checkbox', + '#title' => t('Export user names and group names lowercase'), + '#description' => t("If yes, htpasswdsync will export the lowercase user names as well (e.g. 'User' will be exported as 'User' and 'user'). Groups will always be exported lowercase (as the user does not need to enter a group, so this makes it easier to design the .htaccess files). Caution: this option may increase the file size of the htuser file."), + '#default_value' => _htpasswdsync_names_lowercase(), + ); + $form['htpasswdsync_names_without_whitespace'] = array( + '#type' => 'checkbox', + '#title' => t('Remove whitespaces in user names and groups'), + '#description' => t("If yes, htpasswdsync will remove all whitespaces in user names and groups (e.g. 'User 1' will be exported as 'User1'). Caution: this increases the file size of the htuser file. If you use groups, then you must check this setting because whitespaces are used as separators in the group file. This setting goes along with the checkbox above."), + '#default_value' => _htpasswdsync_names_without_whitespace(), + ); + $form['htpasswdsync_export_email_domain'] = array( + '#type' => 'textfield', + '#title' => t('Additional user email domain'), + '#default_value' => _htpasswdsync_email_domain(), + '#size' => 100, + '#maxlength' => 200, + '#description' => t("Enter a domain here if you want that email account names shall be exported into the htpasswd file as well. E.g., if you enter 'example.org', then the email 'user1@example.org' would be exported as 'user1' into the htpasswd file. However, it should be more interesting for your own domain."), + '#required' => false, + ); - $items['admin/user/htpasswdsync'] = array( - 'title' => 'HTPassword Sync', - 'description' => 'Preferences for the HTPasswd Sync module', - 'page callback' => 'drupal_get_form', - 'page arguments' => array('htpasswdsync_admin'), - 'access arguments' => array('access administration pages'), - 'type' => MENU_NORMAL_ITEM, - ); + // Small description ... + $txt = t('This is how a simple .htaccess file could look like:') + . "
\t[...]\n"
+            . "\tAuthType Basic\n"
+            . "\tAuthName \"Protected members area. Enter your login name without whitespaces and special characters.\"\n"
+            ;
+
+    if(_htpasswdsync_passfilename() != '') {
+        $txt .= "\tAuthUserFile " . _htpasswdsync_passfilename() . "\n";
+        if(_htpasswdsync_grpfilename() != '') {
+            $txt .= "\tAuthGroupFile " . _htpasswdsync_grpfilename() . "\n";
+        }
+
+        $txt .=   "\trequire valid-user\n"
+                . "\t#require group administrator\n"
+                . "\n[OR]\n"
+                . "\t[...]

"; + } - return $items; + $form['htaccess_file_now_looks_like'] = array( + '#markup' => $txt + ); + return system_settings_form($form); } -function htpasswdsync_requirements($phase) { - $requirements = array(); +/** + * Form validation callback. Checks if htpasswd/htgroup file are writable + * @param array $form + * @param array& $form_state + * @return void + */ +function htpasswdsync_admin_validate($form, &$form_state) { + $form_state['values']['htpasswdsync_htpasswd'] = trim($form_state['values']['htpasswdsync_htpasswd']); + $form_state['values']['htpasswdsync_htgroup'] = trim($form_state['values']['htpasswdsync_htgroup']); + $error = false; + + if(empty($form_state['values']['htpasswdsync_htpasswd']) && empty($form_state['values']['htpasswdsync_htgroup'])) { + form_set_error('htpasswdsync_htpasswd', 'You should at least specify the htpasswd file.'); + } else if(!empty($form_state['values']['htpasswdsync_htgroup']) && empty($form_state['values']['htpasswdsync_htpasswd'])) { + form_set_error('htpasswdsync_htpasswd', 'The htgroup file makes no sense without the htpasswd file.'); + } - // if not runtime query, exit - if ($phase != 'runtime') { - return $requirements; - } - - $htpasswd_status_msg = _htpasswdsync_check_file(_htpasswdsync_passfilename()); - $htpasswd_status_val = REQUIREMENT_ERROR; - if (!$htpasswd_status_msg) { - $htpasswd_status_msg = t('!file file is available', array('!file' => 'htpasswd')); - $htpasswd_status_val = REQUIREMENT_OK; - } + $file = $form_state['values']['htpasswdsync_htpasswd']; + if(!empty($file)) { + if($msg = _htpasswdsync_check_file($file)) { + form_set_error('htpasswdsync_htpasswd', $msg); + $error = true; + } + } - $htgroup_status_msg = _htpasswdsync_check_file(_htpasswdsync_grpfilename()); - $htgroup_status_val = REQUIREMENT_ERROR; - if (!$htgroup_status_msg) { - $htgroup_status_msg = t('!file file is available', array('!file' => 'htgroup')); - $htgroup_status_val = REQUIREMENT_OK; - } - - $status = $htpasswd_status_val > $htgroup_status_val ? - $htpasswd_status_val : $htgroup_status_val; - - $requirements['htpasswdsync_status'] = array( - 'title' => t('HTPasswd Sync Status'), - 'value' => $htpasswd_status_msg ."
". - $htgroup_status_msg ."
". - t('last update !time ago.', array( - '!time' => format_interval(time()-variable_get('htpasswdsync_cron_time', 0)))), - 'severity' => $status, + $file = $form_state['values']['htpasswdsync_htgroup']; + if(!empty($file)) { + if($msg = _htpasswdsync_check_file($file)) { + form_set_error('htpasswdsync_htgroup', $msg); + $error = true; + } + if(!$form_state['values']['htpasswdsync_names_without_whitespace']) { + form_set_error('htpasswdsync_htgroup', 'htgroup file access restriction can only work if you remove the whitespaces in user names and groups (see setting below)'); + $error = true; + } + } + + // Directly apply changes if no validation errors + if(!$error) { + _htpasswdsync_updatepasswd(); + _htpasswdsync_updategroup(); + } +} + + +/** + * Administration menu entry + * @return array + */ +function htpasswdsync_menu() { + $items = array(); + $items['admin/config/people/htpasswdsync'] = array( + 'title' => 'htasswd file synchronization', + 'description' => 'Preferences for the HTPasswd Sync module', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('htpasswdsync_admin'), + 'access arguments' => array('access administration pages'), ); - if ($status != REQUIREMENT_OK) { - $requirements['htpasswdsync_status']['description'] = - t('Cannot access files, please check configuration.', - array('!url' => url('admin/user/htpasswdsync'))); - } + return $items; +} + - return $requirements; +/** + * Runtime phase htgroup / htpasswd file check + * @param string $phase + * @return array + */ +function htpasswdsync_requirements($phase) { + if($phase != 'runtime') { + return array(); + } else { + $requirements = array(); + + if(_htpasswdsync_passfilename() != "") { + $htpasswd_status_msg = _htpasswdsync_check_file(_htpasswdsync_passfilename()); + $htpasswd_status_val = REQUIREMENT_ERROR; + if (!$htpasswd_status_msg) { + $htpasswd_status_msg = t('!file file is writable', array('!file' => 'htpasswd')); + $htpasswd_status_val = REQUIREMENT_OK; + } + } else { + $htpasswd_status_msg = 'Not required'; + $htpasswd_status_val = REQUIREMENT_OK; + } + + if(_htpasswdsync_grpfilename() != "") { + $htgroup_status_msg = _htpasswdsync_check_file(_htpasswdsync_grpfilename()); + $htgroup_status_val = REQUIREMENT_ERROR; + if (!$htgroup_status_msg) { + $htgroup_status_msg = t('!file file is writable', array('!file' => 'htgroup')); + $htgroup_status_val = REQUIREMENT_OK; + } + } else { + $htgroup_status_msg = 'Not required'; + $htgroup_status_val = REQUIREMENT_OK; + } + + $status = $htpasswd_status_val != REQUIREMENT_OK && $htgroup_status_val != REQUIREMENT_OK; + + $requirements['htpasswdsync_status'] = array( + 'title' => t('HTPasswd Sync Status'), + 'value' => $htpasswd_status_msg . "
" . $htgroup_status_msg . "
" . + t('last update !time ago.', array( + '!time' => format_interval(time()-variable_get('htpasswdsync_cron_time', 0)))), + 'severity' => $status, + ); + + if($status != REQUIREMENT_OK) { + $requirements['htpasswdsync_status']['description'] = + t('Cannot access files, please check configuration.', + array('!url' => url('admin/user/htpasswdsync'))); + } + return $requirements; + } } + +/** + * Cron hook + * @return void + */ function htpasswdsync_cron() { - $time = variable_get('htpasswdsync_cron_time', 0); - $res = db_query('DELETE FROM {htpasswdsync_passwd} WHERE username NOT IN (SELECT name from {users})'); - _htpasswdsync_updatepasswd(); - _htpasswdsync_updategroup(); - variable_set('htpasswdsync_cron_time', time()); + $time = variable_get('htpasswdsync_cron_time', 0); + _htpasswdsync_commit_to_htpasswd(); + $res = db_query('DELETE FROM {htpasswdsync_htpasswd} WHERE username NOT IN (SELECT name from {users})'); + variable_set('htpasswdsync_cron_time', time()); } +?> \ No newline at end of file diff --git a/README.txt b/README.txt old mode 100644 new mode 100755 index 936e08e..d2af52a --- a/README.txt +++ b/README.txt @@ -1,8 +1,7 @@ - -- SUMMARY -- -The HTPasswd Sync module let you synchronize a htpasswd and a -htgroup file with the user database. +The HTPasswd Sync module let you synchronize a htpasswd and a htgroup file with +the user database. For a full description of the module, visit the project page: http://drupal.org/project/htpasswdsync @@ -38,7 +37,7 @@ properly cleaned up. The file that will synchronize the roles. - - password hashing algorythm + - password hashing algorithm Let you choose how the password is encrypted/hashed. There are two options crypt and SHA-1. -- cgit v1.2.3