function _stored_passwords_manage in Secure Site 8
Same name and namespace in other branches
- 6.2 digest_md5/stored_passwords.php \_stored_passwords_manage()
- 7.2 digest_md5/stored_passwords.php \_stored_passwords_manage()
Work with stored passwords.
Parameters
$edit: An array of data with the following keys:
- username: User name
- realm: Site realm
- pass: User password
- op: The operation to be performed. If none is given, an existing user will be updated.
Return value
None.
File
- digest_md5/
stored_passwords.php, line 102 - This script manages stored passwords. Only the root user should have access to this script and the database used to store passwords.
Code
function _stored_passwords_manage($edit) {
$op = isset($edit['op']) ? $edit['op'] : NULL;
switch ($op) {
case 'create':
if (db_query("SELECT COUNT(*) FROM `securesite_passwords` WHERE name = :name AND realm = :realm", array(
':name' => $edit['username'],
':realm' => $edit['realm'],
))
->fetchField() == 0) {
$result = db_query("INSERT INTO `securesite_passwords` (name, realm, pass) VALUES (:name, :realm, :pass)", array(
':name' => $edit['username'],
':realm' => $edit['realm'],
':pass' => $edit['pass'],
));
$output = $result === FALSE ? "Failed to add {$edit['username']} to {$edit['realm']}." : "Added {$edit['username']} to {$edit['realm']}.";
}
else {
unset($edit['op']);
$output = _stored_passwords_manage($edit);
}
break;
case 'delete':
if (isset($edit['username'])) {
if (db_query("SELECT COUNT(*) FROM `securesite_passwords` WHERE name = :name AND realm = :realm", array(
':name' => $edit['username'],
':realm' => $edit['realm'],
))
->fetchField() == 0) {
$output = "{$edit['username']} not found in {$edit['realm']}.";
}
else {
$result = db_query("DELETE FROM `securesite_passwords` WHERE name = :name AND realm = :realm", array(
':name' => $edit['username'],
':realm' => $edit['realm'],
));
$output = $result === FALSE ? "Failed to remove {$edit['username']} from {$edit['realm']}." : "Removed {$edit['username']} from {$edit['realm']}.";
}
}
else {
$result = db_query("DELETE FROM `securesite_passwords` WHERE realm = :realm", array(
'realm' => $edit['realm'],
));
$output = $result === FALSE ? "Failed to remove users from {$edit['realm']}." : "Removed users from {$edit['realm']}.";
}
break;
default:
if (db_query("SELECT COUNT(*) FROM `securesite_passwords` WHERE name = :name AND realm = :realm", array(
':name' => $edit['username'],
':realm' => $edit['realm'],
))
->fetchField() == 0) {
$output = "{$edit['username']} not found in {$edit['realm']}.";
}
else {
$result = db_query("UPDATE `securesite_passwords` SET pass = :pass WHERE name = :name AND realm = :realm", array(
':pass' => $edit['pass'],
':name' => $edit['username'],
':realm' => $edit['realm'],
));
$output = $result === FALSE ? "Failed to update {$edit['username']} in {$edit['realm']}." : "Updated {$edit['username']} in {$edit['realm']}.";
}
break;
}
exit("{$output}\n");
}