"iVBORw0KGgoAAAANSUhEUgAAAA4AAAALCAYAAABPhbxiAAAABmJLR0QAAAAAAAD5Q7t/AAAACXBIWXMAAAsNAAALDQHtB8AsAAAAB3RJTUUH1AQFFhQ155Nu3wAAAFRJREFUeJxjZMAE/5HYjFjkGRgYGBiYcGhiROMTBOgKcWpEt5GBgYGBjVhbYIAVagM65sGmGNnz+PyDEUjYnEoUwKrx/3/CgUm2jVTxIwcOTczYBAEMQw8nZ2fMggAAAABJRU5ErkJggg==", "padlock-open" => "iVBORw0KGgoAAAANSUhEUgAAAA4AAAALCAYAAABPhbxiAAAABmJLR0QA/wAAAAAzJ3zzAAAACXBIWXMAAAsNAAALDQHtB8AsAAAAB3RJTUUH1AQFFhYN/ae0wwAAAFFJREFUeJxjYMAETGj0fySMFzAisZE1EKUZWSNWPhOaBAsDAwMrsabCACsDqn9gmAebYnT/4AKM6ALoTiUaYNX4/z/hwCPbRqr4kQOHJmZsggBvtxMm/Y4B+AAAAABJRU5ErkJggg==", ); $imageDataEnc = $imagesEncoded[$_GET["image"]]; if ($imageDataEnc) { $maxAge = 31536000; // one year $imageDataRaw = base64_decode($imageDataEnc); Header("Content-Type: image/png"); Header("Content-Length: ".strlen($imageDataRaw)); Header("Cache-Control: public, max-age=$maxAge, must-revalidate"); echo $imageDataRaw; } exit; } ?> htpasstool
302 Found

Found

The document has moved here.


$pretty"; } function warn($desc,$no_overview=0) { global $wdir, $dir; global $pwd_printed; if (file_exists($wdir) and (!$pwd_printed)) { pwd(); $pwd_printed = 1; } print ""; if (!$no_overview) overview($wdir,$dir); } function fail($desc,$no_overview=0) { global $wdir, $dir; global $pwd_printed; if (file_exists($wdir) and (!$pwd_printed)) { pwd(); $pwd_printed = 1; } print ""; if (!$no_overview) overview($wdir,$dir); print "
"; print "
$desc
\n"; print "
"; print "
$desc
\n"; print "
"; print "
"; exit; } function php4_scandir($dir, $sort = 0) { if (PHP_VERSION >= '5') return scandir($dir, $sort); $dirmap = array(); if(!is_dir($dir)) { trigger_error("lib::scandir($dir): failed to open dir: Invalid argument", E_USER_WARNING); return false; } $dir = opendir($dir); while (false !== ($file = readdir($dir))) $dirmap[] = $file; closedir($dir); ($sort == 1) ? rsort($dirmap) : sort($dirmap); return $dirmap; } function pwd() { global $wdir, $dir; $wd_link = URL_PREFIX . $dir; $wd_link2 = ''; if (strlen($wd_link) != 0) { $wd_link = ''; $wd_link2 = ''; } ?> htpasstool = 1) { print ""; } else { print ""; } ?>
Base directory:
Working directory: [change] \"closedProtected
\"openUnprotected
"; if ($message != '') $output .= "
$message
"; $output .= ""; } $output .= ""; $output .= "
Users: [add]
"; if (is_readable("$wdir/" . HTPASSWD)) { $fp = openfile("$wdir/" . HTPASSWD); $lines = readhtpasswd($fp); closefile($fp); $output .= "
\n"; if (count($lines) != 0) { foreach ($lines as $k=>$v) { $output .= ""; $output .= "\n"; } $output .= "
$k{$lines[$k]['comment']}" . linkit($dir,'editform',$k,'Edit') . " " . linkit($dir,'passwordform',$k,'Password') . " " . linkit($dir,'delete',$k) . " " . linkit($dir,'assignpasswordform',$k,'Assign random password') . "
\n
\n"; } else { $output .= "
The " . HTPASSWD . " file is currently empty.
\n"; $output .= ""; $output .= ""; } } else { $output .= "
The " . HTPASSWD . " file does not exist yet.
\n"; } $output .= ""; print $output; } function openfile($path) { $fp = @fopen("$path", "r+") or fail("File $path could not be opened",1); if (flock($fp, LOCK_EX)) { // do an exclusive lock return $fp; } else { fclose($fp); fail("Couldn't lock the file !"); } } function createfile($path) { $path = preg_replace('/\/{1,}/','/',$path); $fp = @fopen("$path", "w") or fail("File $path could not be created",1); if (flock($fp, LOCK_EX)) { // do an exclusive lock return $fp; } else { fclose($fp); fail("Couldn't lock the file !"); } } function removehtaccessfile($dir) { if (!file_exists("$dir/" . HTACCESS)) fail("The $dir/" . HTACCESS . " file does not exist"); @unlink("$dir/" . HTACCESS) or fail("Could not remove $dir/" . HTACCESS); } function installhtaccessfile($dir) { if (file_exists("$dir/" . HTACCESS)) fail("The $dir/" . HTACCESS . " file/dir exists"); $fp = createfile("$dir/" . HTACCESS); $output = "# htpasstool v1.0 protected\nAuthType Basic\nAuthName \"Restricted Area\"\nAuthUserFile \"$dir/" . HTPASSWD . "\"\nrequire valid-user\n"; fwrite($fp,$output); closefile($fp); } function readhtpasswd($fp) { while (!feof($fp)) { $data = fgets($fp, 4096); # We assume no line is longer than 4096 characters if (preg_match("/^\s*$/",$data)) continue; # We don't need blank lines $data = preg_replace("/\n/",'',$data); $tmp = preg_split('/:/', $data); if ($tmp[0] == '') continue; # Skip blank lines or lines with empty logins $lines[$tmp[0]]['password'] = $tmp[1]; $lines[$tmp[0]]['email'] = $tmp[2]; $lines[$tmp[0]]['comment'] = $tmp[3]; } return $lines; } function writehtpasswd($fp,$lines) { fseek($fp, 0); ksort($lines); foreach ($lines as $key => $value) { #print "line to write: $key:$value\n

"; $output .= $key . ':' . $lines[$key]['password'] . ':' . $lines[$key]['email'] . ':' . $lines[$key]['comment'] . "\n"; } # $output = preg_replace("/\n$/",'',$output); fwrite($fp,$output); ftruncate($fp,ftell($fp)); # We want to erase any additional content in the file } function closefile($fp) { flock($fp, LOCK_UN); // release the lock fclose($fp); } function assignpasswordform() { global $wdir, $dir, $pwd_printed, $url_prefix; global $login, $admin_email, $password_subject, $password_body, $pattern; pwd(); $pwd_printed = 1; $fp = openfile("$wdir/" . HTPASSWD); $lines = readhtpasswd($fp); closefile($fp); if (!array_key_exists($login ,$lines)) { fail("This user does not exist"); } $password_parsed_subject = $password_subject; $tmp_pass = $pattern{rand(0,61)} . $pattern{rand(0,61)} . $pattern{rand(0,61)} . $pattern{rand(0,61)} . $pattern{rand(0,61)} . $pattern{rand(0,61)} . $pattern{rand(0,61)} . $pattern{rand(0,61)}; if ($url_prefix == '') { $http = 'http://'; if ($_SERVER['HTTPS'] != '') $http = 'https://'; $tmpa = preg_replace('/\/[^\/]+$/','/',$_SERVER['REQUEST_URI']); $tmpurl = $http . $_SERVER['SERVER_NAME'] . "$tmpa$dir"; } else { $tmpurl = $url_prefix . $dir; } $patterns = array("/%%admin_email%%/","/%%url%%/","/%%login%%/","/%%password%%/"); $replacements = array($admin_email,$tmpurl,$login,$tmp_pass); $password_parsed_body = preg_replace($patterns,$replacements,$password_body); ?>

Assign and e-mail a new password:
User:
E-mail address:
Sender e-mail address:
Subject:
Message:
Add user:
*Login:
Assign random password:
*Password:
*Password (confirm):
E-mail:
Comment:
Change working directory:
New working directory:
Change password:
User:
New password:
New password (confirm):
Edit user:
Login:
E-mail:
Comment:
Remove .htaccess file:
You are about to remove the .htaccess file from the directory . This will make this directory accessible for anyone on the network, without a password prompt. Are you sure you want to do this?

WARNING! This .htaccess file was NOT created by htpasstool. Are you sure?

WARNING! This .htaccess file protects htpasstool. If you remove this .htaccess file, ANYONE will be able to set/remove passwords in your webspace, because htpasstool will no longer be password protected. Are you sure?

= 15))) { installhtaccessfile("$wdir"); $message = "The directory $dir has been protected\n"; } else { fail("When protecting the directory that governs htpasstool, you need to define at least one user first"); } } if (!$pwd_printed) { pwd(); $pwd_printed = 1; } overview($wdir,$dir); ?>