function _stored_passwords_manage in Secure Site 8

Same name and namespace in other branches

6.2 digest_md5/stored_passwords.php \_stored_passwords_manage()
7.2 digest_md5/stored_passwords.php \_stored_passwords_manage()

Work with stored passwords.

Parameters

$edit: An array of data with the following keys:

username: User name
realm: Site realm
pass: User password
op: The operation to be performed. If none is given, an existing user will be updated.

Return value

None.

File

digest_md5/stored_passwords.php, line 102: This script manages stored passwords. Only the root user should have access to this script and the database used to store passwords.

Code

function _stored_passwords_manage($edit) {
  $op = isset($edit['op']) ? $edit['op'] : NULL;
  switch ($op) {
    case 'create':
      if (db_query("SELECT COUNT(*) FROM `securesite_passwords` WHERE name = :name AND realm = :realm", array(
        ':name' => $edit['username'],
        ':realm' => $edit['realm'],
      ))
        ->fetchField() == 0) {
        $result = db_query("INSERT INTO `securesite_passwords` (name, realm, pass) VALUES (:name, :realm, :pass)", array(
          ':name' => $edit['username'],
          ':realm' => $edit['realm'],
          ':pass' => $edit['pass'],
        ));
        $output = $result === FALSE ? "Failed to add {$edit['username']} to {$edit['realm']}." : "Added {$edit['username']} to {$edit['realm']}.";
      }
      else {
        unset($edit['op']);
        $output = _stored_passwords_manage($edit);
      }
      break;
    case 'delete':
      if (isset($edit['username'])) {
        if (db_query("SELECT COUNT(*) FROM `securesite_passwords` WHERE name = :name AND realm = :realm", array(
          ':name' => $edit['username'],
          ':realm' => $edit['realm'],
        ))
          ->fetchField() == 0) {
          $output = "{$edit['username']} not found in {$edit['realm']}.";
        }
        else {
          $result = db_query("DELETE FROM `securesite_passwords` WHERE name = :name AND realm = :realm", array(
            ':name' => $edit['username'],
            ':realm' => $edit['realm'],
          ));
          $output = $result === FALSE ? "Failed to remove {$edit['username']} from {$edit['realm']}." : "Removed {$edit['username']} from {$edit['realm']}.";
        }
      }
      else {
        $result = db_query("DELETE FROM `securesite_passwords` WHERE realm = :realm", array(
          'realm' => $edit['realm'],
        ));
        $output = $result === FALSE ? "Failed to remove users from {$edit['realm']}." : "Removed users from {$edit['realm']}.";
      }
      break;
    default:
      if (db_query("SELECT COUNT(*) FROM `securesite_passwords` WHERE name = :name AND realm = :realm", array(
        ':name' => $edit['username'],
        ':realm' => $edit['realm'],
      ))
        ->fetchField() == 0) {
        $output = "{$edit['username']} not found in {$edit['realm']}.";
      }
      else {
        $result = db_query("UPDATE `securesite_passwords` SET pass = :pass WHERE name = :name AND realm = :realm", array(
          ':pass' => $edit['pass'],
          ':name' => $edit['username'],
          ':realm' => $edit['realm'],
        ));
        $output = $result === FALSE ? "Failed to update {$edit['username']} in {$edit['realm']}." : "Updated {$edit['username']} in {$edit['realm']}.";
      }
      break;
  }
  exit("{$output}\n");
}

You are here

function _stored_passwords_manage in Secure Site 8

Parameters

Return value

File

Code

API Navigation