You are here

Home » API reference » Secure Site 6.2 » stored_passwords.php

function _stored_passwords_manage in Secure Site 6.2

Same name and namespace in other branches
  1. 8 digest_md5/stored_passwords.php \_stored_passwords_manage()
  2. 7.2 digest_md5/stored_passwords.php \_stored_passwords_manage()

Work with stored passwords.

Parameters

$edit: An array of data with the following keys:

  • username: User name
  • realm: Site realm
  • pass: User password
  • op: The operation to be performed. If none is given, an existing user will be updated.

Return value

None.

File

digest_md5/stored_passwords.php, line 82
This script manages stored passwords. Only the root user should have access to this script and the database used to store passwords.

Code

function _stored_passwords_manage($edit) {
  $op = isset($edit['op']) ? $edit['op'] : NULL;
  switch ($op) {
    case 'create':
      if (db_result(db_query_range("SELECT name FROM {securesite_passwords} WHERE name = '%s' AND realm = '%s'", $edit['username'], $edit['realm'], 0, 1)) === FALSE) {
        $result = db_query("INSERT INTO {securesite_passwords} (name, realm, pass) VALUES ('%s', '%s', '%s')", $edit['username'], $edit['realm'], $edit['pass']);
        $output = $result === FALSE ? "Failed to add {$edit['username']} to {$edit['realm']}." : "Added {$edit['username']} to {$edit['realm']}.";
      }
      else {
        unset($edit['op']);
        $output = _stored_passwords_manage($edit);
      }
      break;
    case 'delete':
      if (isset($edit['username'])) {
        if (db_result(db_query_range("SELECT name FROM {securesite_passwords} WHERE name = '%s' AND realm = '%s'", $edit['username'], $edit['realm'], 0, 1)) === FALSE) {
          $output = "{$edit['username']} not found in {$edit['realm']}.";
        }
        else {
          $result = db_query("DELETE FROM {securesite_passwords} WHERE name = '%s' AND realm = '%s'", $edit['username'], $edit['realm']);
          $output = $result === FALSE ? "Failed to remove {$edit['username']} from {$edit['realm']}." : "Removed {$edit['username']} from {$edit['realm']}.";
        }
      }
      else {
        $result = db_query("DELETE FROM {securesite_passwords} WHERE realm = '%s'", $edit['realm']);
        $output = $result === FALSE ? "Failed to remove users from {$edit['realm']}." : "Removed users from {$edit['realm']}.";
      }
      break;
    default:
      if (db_result(db_query_range("SELECT name FROM {securesite_passwords} WHERE name = '%s' AND realm = '%s'", $edit['username'], $edit['realm'], 0, 1)) === FALSE) {
        $output = "{$edit['username']} not found in {$edit['realm']}.";
      }
      else {
        $result = db_query("UPDATE {securesite_passwords} SET pass = '%s' WHERE name = '%s' AND realm = '%s'", $edit['pass'], $edit['username'], $edit['realm']);
        $output = $result === FALSE ? "Failed to update {$edit['username']} in {$edit['realm']}." : "Updated {$edit['username']} in {$edit['realm']}.";
      }
      break;
  }
  exit("{$output}\n");
}