1 <?php printf("<?xml version=\"1.0\" encoding=\"%s\"?>\n", 'iso-8859-1'); ?>
\r
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
\r
3 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
\r
4 <html xmlns="http://www.w3.org/1999/xhtml">
\r
6 <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
\r
7 <!-- $Id: passencrypt.php,v 1.2 2002-09-08 12:05:14 rurban Exp $ -->
\r
8 <title>Password Encryption Tool</title>
\r
10 Copyright 1999, 2000, 2001, 2002 $ThePhpWikiProgrammingTeam
\r
12 This file is part of PhpWiki.
\r
14 PhpWiki is free software; you can redistribute it and/or modify
\r
15 it under the terms of the GNU General Public License as published by
\r
16 the Free Software Foundation; either version 2 of the License, or
\r
17 (at your option) any later version.
\r
19 PhpWiki is distributed in the hope that it will be useful,
\r
20 but WITHOUT ANY WARRANTY; without even the implied warranty of
\r
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
\r
22 GNU General Public License for more details.
\r
24 You should have received a copy of the GNU General Public License
\r
25 along with PhpWiki; if not, write to the Free Software
\r
26 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
\r
30 <h1>Password Encryption Tool</h1>
\r
33 * Seed the random number generator.
\r
35 * better_srand() ensures the randomizer is seeded only once.
\r
37 * How random do you want it? See:
\r
38 * http://www.php.net/manual/en/function.srand.php
\r
39 * http://www.php.net/manual/en/function.mt-srand.php
\r
41 function better_srand($seed = '') {
\r
42 static $wascalled = FALSE;
\r
45 list($usec,$sec)=explode(" ",microtime());
\r
47 $seed = (double) $usec * $sec;
\r
48 else // once in a while use the combined LCG entropy
\r
49 $seed = (double) 1000000 * substr(uniqid("",true),13);
\r
51 if (function_exists('mt_srand')) {
\r
52 mt_srand($seed); // mersenne twister
\r
60 function rand_ascii($length = 1) {
\r
63 for ($i = 1; $i <= $length; $i++) {
\r
64 // return only typeable 7 bit ascii, avoid quotes
\r
65 if (function_exists('mt_rand'))
\r
66 // the usually bad glibc srand()
\r
67 $s .= chr(mt_rand(40, 126));
\r
69 $s .= chr(rand(40, 126));
\r
75 // Function to create better user passwords (much larger keyspace),
\r
76 // suitable for user passwords.
\r
77 // Sequence of random ASCII numbers, letters and some special chars.
\r
78 // Note: There exist other algorithms for easy-to-remember passwords.
\r
79 function random_good_password ($minlength = 5, $maxlength = 8) {
\r
81 // assume ASCII ordering (not valid on EBCDIC systems!)
\r
82 $valid_chars = "!#%&+-.0123456789=@ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz";
\r
83 $start = ord($valid_chars);
\r
84 $end = ord(substr($valid_chars,-1));
\r
86 if (function_exists('mt_rand')) // mersenne twister
\r
87 $length = mt_rand($minlength, $maxlength);
\r
88 else // the usually bad glibc rand()
\r
89 $length = rand($minlength, $maxlength);
\r
90 while ($length > 0) {
\r
91 if (function_exists('mt_rand'))
\r
92 $newchar = mt_rand($start, $end);
\r
94 $newchar = rand($start, $end);
\r
95 if (! strrpos($valid_chars,$newchar) ) continue; // skip holes
\r
96 $newpass .= sprintf("%c",$newchar);
\r
102 $posted = $GLOBALS['HTTP_POST_VARS'];
\r
103 if (!empty($posted['create'])) {
\r
104 $new_password = random_good_password();
\r
105 echo "<p>The created new random password is:<br />\n<br /> \n<strong>",htmlentities($new_password),"</strong></p>\n";
\r
106 $posted['password'] = $new_password;
\r
109 if ($password = $posted['password']) {
\r
111 * http://www.php.net/manual/en/function.crypt.php
\r
113 // Use the maximum salt length the system can handle.
\r
114 $salt_length = max(CRYPT_SALT_LENGTH,
\r
118 16 * CRYPT_BLOWFISH);
\r
119 // Generate the encrypted password.
\r
120 $encrypted_password = crypt($password, rand_ascii($salt_length));
\r
121 $debug = $HTTP_GET_VARS['debug'];
\r
123 echo "The password was encrypted using a salt length of: $salt_length<br />\n";
\r
124 echo "<p>The encrypted password is:<br />\n<br /> \n<strong>",htmlentities($encrypted_password),"</strong></p>\n";
\r
127 if (empty($REQUEST_URI))
\r
128 $REQUEST_URI = $HTTP_ENV_VARS['REQUEST_URI'];
\r
129 if (empty($REQUEST_URI))
\r
130 $REQUEST_URI = $HTTP_SERVER_VARS['REQUEST_URI'];
\r
133 <form action="<?php echo $REQUEST_URI ?>" method="post">
\r
134 <fieldset><legend accesskey="P">Password</legend>
\r
135 Enter a password to encrypt: <input type="password" name="password" value="" /> <input type="submit" value="Encrypt" />
\r
138 <fieldset><legend accesskey="C">Create</legend>
\r
139 Create new random password: <button name="create" value="1" />Create</button>
\r