"Fossies" - the Fresh Open Source Software Archive

Member "openmailadmin-1.0.1/inc/lib/Password.php" (31 Jul 2006, 2955 Bytes) of package /linux/privat/old/openmailadmin-1.0.1.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) PHP source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "Password.php" see the Fossies "Dox" file reference documentation.

    1 <?php
    2 /**
    3  * Auxiliary class for being used by class User to handle passwords.
    4  *
    5  * @see     obfuscator_decrypt(), obfuscator_encrypt()
    6  */
    7 class Password
    8 {
    9     public      $ciphered;
   10     private     $plaintext      = null;
   11     private     $cipher_strategy;
   12     private     $user;
   13 
   14     /**
   15      * @param   user        The user this class manages password for.
   16      * @param   algorithm   Name of cipher algorithm. If none is given PasswordMD5 will be used.
   17      */
   18     public function __construct(User $user, $ciphered = null, IPasswordStrategy $algorithm) {
   19         $this->cipher_strategy = $algorithm;
   20         $this->ciphered = $ciphered;
   21         $this->user = $user;
   22     }
   23 
   24     /**
   25      * @param   plaintext   The password as plain text.
   26      * @return  boolean
   27      */
   28     public static function is_secure($plaintext) {
   29         return preg_match('/[a-z]{1}/', $plaintext)
   30             && preg_match('/[A-Z]{1}/', $plaintext)
   31             && preg_match('/[0-9]{1}/', $plaintext);
   32     }
   33 
   34     /**
   35      * @return  boolean     whether plaintext password matches stored hash.
   36      */
   37     public function equals($plaintext_password) {
   38         return $this->cipher_strategy->equals($this->ciphered, $plaintext_password);
   39     }
   40 
   41     /**
   42      * Ciphers and sets the given password for attached user.
   43      */
   44     public function set($plaintext_password) {
   45         $tmp = $this->cipher_strategy->cipher($plaintext_password);
   46         if($this->user->immediate_set('password', $tmp)) {
   47             $this->ciphered = $tmp;
   48             $this->store_plaintext($plaintext_password);
   49             return true;
   50         }
   51         return false;
   52     }
   53 
   54     /**
   55      * @source      http://www.inside-php.de/scripte/PHP-Code%20Ausschnitte-18/Erweiterter-Passwort-Generator.html
   56      */
   57     private function generatePW($length=8) {
   58         $dummy = array_merge(range('0', '9'), range('a', 'z'), range('A', 'Z'),
   59                     array('#','&','@','$','_','-','?','+', '!', ':'));
   60         mt_srand((double)microtime()*1000000);
   61         for($i = 1; $i <= (count($dummy)*2); $i++) {
   62             $swap = mt_rand(0,count($dummy)-1);
   63             $tmp = $dummy[$swap];
   64             $dummy[$swap] = $dummy[0];
   65             $dummy[0] = $tmp;
   66         }
   67         return substr(implode('',$dummy),0,$length);
   68     }
   69 
   70     /**
   71      * Generates a random password and sets it.
   72      *
   73      * @param   min New password's minimum length.
   74      * @param   max New password's maximum length.
   75      * @return  String  with the generated password s plain text.
   76      */
   77     public function set_random($min, $max) {
   78         srand((double)microtime()*674563);
   79         do {
   80             $pw = $this->generatePW(round( ($min + rand($min, $max)) /2));
   81         } while(!Password::is_secure($pw));
   82         $this->set($pw);
   83         return $pw;
   84     }
   85 
   86     /**
   87      * For storing the entire class in $_SESSION.
   88      */
   89     public function store_plaintext($plaintext_password) {
   90         $this->plaintext = obfuscator_encrypt($plaintext_password);
   91     }
   92 
   93     /**
   94      * @return  String      With decrypted plaintext password.
   95      * @throws  RuntimeException    if no plaintext password has been stored so far.
   96      */
   97     public function get_plaintext() {
   98         if(is_null($this->plaintext)) {
   99             throw new RuntimeException('No plaintext password has been provided for storage, yet.');
  100         } else {
  101             return obfuscator_decrypt($this->plaintext);
  102         }
  103     }
  104 
  105 }
  106 ?>