[slbackup-commit] CVS update: slbackup-php/src index.php

finnarne-guest at alioth.debian.org finnarne-guest at alioth.debian.org
Fri Apr 13 09:20:35 UTC 2007 

  User: finnarne-guest
  Date: 07/04/13 09:20:35

  Modified:    src      index.php
  Log:
  Making the storage of password more secure by storing on part in the form,
  and one in a session variable on te server (copied mostly from lwat)
  
  Revision  Changes    Path
  1.8       +16 -2     slbackup-php/src/index.php
  
  Index: index.php
  ===================================================================
  RCS file: /cvsroot/slbackup/slbackup-php/src/index.php,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- index.php	13 Apr 2007 06:33:19 -0000	1.7
  +++ index.php	13 Apr 2007 09:20:34 -0000	1.8
  @@ -199,6 +199,11 @@
           case "Passwd": 
               $passwd = $value ; 
               break ; 
  +        case "xorstring": 
  +            $xorstring = $value ; 
  +            $encrypt = $_SESSION["encrypt"] ; 
  +            $passwd = xorstring ($encrypt, $xorstring) ; 
  +            break ; 
           case "addclient":
           case "server":
           case "chooseclient":
  @@ -229,6 +234,12 @@
       return ; 
   }
   
  +if (empty($encrypt) || empty ($xorstring)) {
  +    $encrypt = crypt(sprintf (gettimeofday (true))) ;
  +    $_SESSION['encrypt'] = $encrypt ; 
  +    $xorstring = xorstring ($encrypt, $passwd) ; 
  +}
  +
   $scheduler = readcron ($passwd) ; 
   
   foreach ($scheduler as $line) {
  @@ -347,7 +358,7 @@
   	writeconf ($passwd, $config) ; 
   	break ;
   }
  -    $smarty->assign ('passwd', $passwd) ; 
  +    $smarty->assign ('xorstring', $xorstring) ; 
       if ($config["active"]) 
   	$smarty->assign ('active', "checked") ; 
       for ($i = 0 ; $i < 60 ; $i += 5)
  @@ -363,7 +374,10 @@
       $smarty->assign ('server_type', $config["server_type"]) ; 
       $smarty->assign ('server_user', $config["server_user"]) ; 
       $smarty->assign ('types', array ('local', 'remote')) ; 
  -    $smarty->assign ('clients', array_keys($config["clients"])) ; 
  +    $clients = array_keys($config["clients"]) ; 
  +    $smarty->assign ('clients', $clients) ; 
  +    if (empty($client))
  +        $client = $clients[0] ; 
       $smarty->assign ('client', $client) ; 
       $smarty->assign ('clientaddress', $config["clients"][$client]["address"]) ; 
       $smarty->assign ('clientkeep', $config["clients"][$client]["keep"]) ;

More information about the slbackup-commit mailing list