0byt3m1n1
Path:
/
data
/
applications
/
aps.bak
/
joomla
/
1.5.9-0
/
standard
/
scripts
/
[
Home
]
File: joomla-util.php
<?php /** * @version $Id: helper.php 10381 2008-06-01 03:35:53Z pasamio $ * @package Joomla * @subpackage Installation * @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved. * @license GNU/GPL, see LICENSE.php * Joomla! is free software. This version may have been modified pursuant * to the GNU General Public License, and as distributed it includes or * is derivative of works licensed under the GNU General Public License or * other free or open source software licenses. * See COPYRIGHT.php for copyright notices and details. */ // no direct access //defined('_JEXEC') or die('Restricted access'); /** * @package Joomla * @subpackage Installation */ /** * Get the admin password */ function getEncryptedAdminPassword($adminPassword) { // Create random salt/password for the admin user $salt = genRandomPassword(32); #$salt=''; $crypt = getCryptedPassword($adminPassword, $salt); $cryptpass = $crypt.':'.$salt; return $cryptpass; } /** * Formats a password using the current encryption. * * @access public * @param string $plaintext The plaintext password to encrypt. * @param string $salt The salt to use to encrypt the password. [] * If not present, a new salt will be * generated. * @param string $encryption The kind of pasword encryption to use. * Defaults to md5-hex. * @param boolean $show_encrypt Some password systems prepend the kind of * encryption to the crypted password ({SHA}, * etc). Defaults to false. * * @return string The encrypted password. */ function getCryptedPassword($plaintext, $salt = '', $encryption = 'md5-hex', $show_encrypt = false) { // Get the salt to use. $salt = getSalt($encryption, $salt, $plaintext); // Encrypt the password. switch ($encryption) { case 'md5-hex' : default : $encrypted = ($salt) ? md5($plaintext.$salt) : md5($plaintext); return ($show_encrypt) ? '{MD5}'.$encrypted : $encrypted; } } /** * Returns a salt for the appropriate kind of password encryption. * Optionally takes a seed and a plaintext password, to extract the seed * of an existing password, or for encryption types that use the plaintext * in the generation of the salt. * * @access public * @param string $encryption The kind of pasword encryption to use. * Defaults to md5-hex. * @param string $seed The seed to get the salt from (probably a * previously generated password). Defaults to * generating a new seed. * @param string $plaintext The plaintext password that we're generating * a salt for. Defaults to none. * * @return string The generated or extracted salt. */ function getSalt($encryption = 'md5-hex', $seed = '', $plaintext = '') { // Encrypt the password. switch ($encryption) { case 'crypt' : case 'crypt-des' : if ($seed) { return substr(preg_replace('|^{crypt}|i', '', $seed), 0, 2); } else { return substr(md5(mt_rand()), 0, 2); } break; case 'crypt-md5' : if ($seed) { return substr(preg_replace('|^{crypt}|i', '', $seed), 0, 12); } else { return '$1$'.substr(md5(mt_rand()), 0, 8).'$'; } break; case 'crypt-blowfish' : if ($seed) { return substr(preg_replace('|^{crypt}|i', '', $seed), 0, 16); } else { return '$2$'.substr(md5(mt_rand()), 0, 12).'$'; } break; case 'ssha' : if ($seed) { return substr(preg_replace('|^{SSHA}|', '', $seed), -20); } else { return mhash_keygen_s2k(MHASH_SHA1, $plaintext, substr(pack('h*', md5(mt_rand())), 0, 8), 4); } break; case 'smd5' : if ($seed) { return substr(preg_replace('|^{SMD5}|', '', $seed), -16); } else { return mhash_keygen_s2k(MHASH_MD5, $plaintext, substr(pack('h*', md5(mt_rand())), 0, 8), 4); } break; case 'aprmd5' : /* 64 characters that are valid for APRMD5 passwords. */ $APRMD5 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; if ($seed) { return substr(preg_replace('/^\$apr1\$(.{8}).*/', '\\1', $seed), 0, 8); } else { $salt = ''; for ($i = 0; $i < 8; $i ++) { $salt .= $APRMD5 { rand(0, 63) }; } return $salt; } break; default : $salt = ''; if ($seed) { $salt = $seed; } return $salt; break; } } /** * Generate a random password * * @static * @param int $length Length of the password to generate * @return string Random Password * @since 1.5 */ function genRandomPassword($length = 8) { $salt = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; $len = strlen($salt); $makepass = ''; $stat = @stat(__FILE__); if(empty($stat) || !is_array($stat)) $stat = array(php_uname()); mt_srand(crc32(microtime() . implode('|', $stat))); for ($i = 0; $i < $length; $i ++) { $makepass .= $salt[mt_rand(0, $len -1)]; } return $makepass; } ?>