svnno****@sourc*****
svnno****@sourc*****
2010年 1月 16日 (土) 03:58:14 JST
Revision: 781
http://sourceforge.jp/projects/p2-php/svn/view?view=rev&revision=781
Author: rsk
Date: 2010-01-16 03:58:14 +0900 (Sat, 16 Jan 2010)
Log Message:
-----------
expack:
- P2Lockクラスをlib/FlieCtl.phpã‹ã‚‰lib/P2Lock.phpã«åˆ†é›¢ã€‚
- MD5æš—å·åŒ–関数をクラス化ã€ã‚ªãƒ¼ãƒˆãƒãƒ¼ãƒ‰ã™ã‚‹ã‚ˆã†ã«ã—ãŸã€‚
- index.php?v={h2,v2,v3} ã§ã‚‚ペイン構æˆã‚’指定ã§ãるよã†ã«ã—ãŸã€‚
Modified Paths:
--------------
p2ex/trunk/index.php
p2ex/trunk/lib/FileCtl.php
p2ex/trunk/lib/Login.php
p2ex/trunk/lib/P2Util.php
p2ex/trunk/lib/setup.funcs.php
Added Paths:
-----------
p2ex/trunk/lib/MD5Crypt.php
Removed Paths:
-------------
p2ex/trunk/lib/md5_crypt.funcs.php
-------------- next part --------------
Modified: p2ex/trunk/index.php
===================================================================
--- p2ex/trunk/index.php 2010-01-15 18:16:24 UTC (rev 780)
+++ p2ex/trunk/index.php 2010-01-15 18:58:14 UTC (rev 781)
@@ -5,6 +5,11 @@
define('P2_SESSION_CLOSE_AFTER_AUTHENTICATION', 0);
+if (array_key_exists('b', $_GET) && in_array($_GET['b'], array('h2', 'v2', 'v3'))) {
+ $_GET['panes'] = $_GET['b'];
+ $_GET['b'] = 'pc';
+}
+
require_once './conf/conf.inc.php';
$_login->authorize(); //ƒ†[ƒU”FØ
@@ -16,6 +21,7 @@
makeDenyHtaccess($_conf['pref_dir']);
makeDenyHtaccess($_conf['dat_dir']);
makeDenyHtaccess($_conf['idx_dir']);
+makeDenyHtaccess($_conf['db_dir']);
//=============================================================
Modified: p2ex/trunk/lib/FileCtl.php
===================================================================
--- p2ex/trunk/lib/FileCtl.php 2010-01-15 18:16:24 UTC (rev 780)
+++ p2ex/trunk/lib/FileCtl.php 2010-01-15 18:58:14 UTC (rev 781)
@@ -385,114 +385,7 @@
}
// }}}
-// {{{ P2Lock
-/**
- * ŠÈˆÕƒƒbƒNƒNƒ‰ƒX
- */
-class P2Lock
-{
- // {{{ properties
-
- /**
- * ƒƒbƒNƒtƒ@ƒCƒ‹‚̃pƒX
- *
- * @var string
- */
- private $_filename;
-
- /**
- * ƒƒbƒNƒtƒ@ƒCƒ‹‚̃nƒ“ƒhƒ‹
- *
- * @var resource
- */
- private $_fh;
-
- /**
- * ƒƒbƒNƒtƒ@ƒCƒ‹‚ðŽ©“®‚Å휂·‚é‚©‚Ç‚¤‚©
- *
- * @var bool
- */
- private $_remove;
-
- // }}}
- // {{{ constructor
-
- /**
- * ƒRƒ“ƒXƒgƒ‰ƒNƒ^
- *
- * @param string $name ƒƒbƒN–¼ià”r‘¼ˆ—‚µ‚½‚¢ƒtƒ@ƒCƒ‹–¼j
- * @param bool $remove ƒƒbƒNƒtƒ@ƒCƒ‹‚ðŽ©“®‚Å휂·‚é‚©‚Ç‚¤‚©
- * @param string $suffix ƒƒbƒNƒtƒ@ƒCƒ‹–¼‚ÌÚ”öŽ«
- */
- public function __construct($name, $remove = true, $suffix = '.lck')
- {
- $this->_filename = p2_realpath($name . $suffix);
- $this->_remove = $remove;
-
- FileCtl::mkdir_for($this->_filename);
-
- $this->_fh = fopen($this->_filename, 'wb');
- if (!$this->_fh) {
- p2die("cannot create lockfile ({$this->_filename}).");
- }
- if (!flock($this->_fh, LOCK_EX)) {
- p2die("cannot get lock ({$this->_filename}).");
- }
- }
-
- // }}}
- // {{{ destructor
-
- /**
- * ƒfƒXƒgƒ‰ƒNƒ^
- */
- public function __destruct()
- {
- if (is_resource($this->_fh)) {
- flock($this->_fh, LOCK_UN);
- fclose($this->_fh);
- $this->_fh = null;
- }
-
- if ($this->_remove && file_exists($this->_filename)) {
- unlink($this->_filename);
- }
- }
-
- // }}}
- // {{{ free()
-
- /**
- * –¾Ž¦“I‚ɃƒbƒN‚ðŠJ•ú‚·‚é
- */
- public function free()
- {
- $this->__destruct();
- }
-
- // }}}
- // {{{ remove()
-
- /**
- * –¾Ž¦“I‚ɃƒbƒN‚ðŠJ•ú‚µAƒƒbƒNƒtƒ@ƒCƒ‹‚ð‹§íœ‚·‚é
- *
- * unlink()‚Ístat()‚̃LƒƒƒbƒVƒ…‚ðŽ©“®“I‚ɃNƒŠƒA‚·‚é‚Ì‚Å
- * clearstatcache()‚·‚é•K—v‚Í‚È‚¢
- */
- public function remove()
- {
- $this->__destruct();
- if (file_exists($this->_filename)) {
- unlink($this->_filename);
- }
- }
-
- // }}}
-}
-
-// }}}
-
/*
* Local Variables:
* mode: php
Modified: p2ex/trunk/lib/Login.php
===================================================================
--- p2ex/trunk/lib/Login.php 2010-01-15 18:16:24 UTC (rev 780)
+++ p2ex/trunk/lib/Login.php 2010-01-15 18:58:14 UTC (rev 781)
@@ -732,16 +732,12 @@
return false;
}
- if (!function_exists('md5_encrypt')) {
- include P2_LIB_DIR . '/md5_crypt.funcs.php';
- }
-
$key = $this->getMd5CryptKey();
$idtime = $user_u. ':'. time(). ':';
$pw_enc = md5($idtime . $pass_x);
$str = $idtime . $pw_enc;
- $cid = md5_encrypt($str, $key, 32);
+ $cid = MD5Crypt::encrypt($str, $key, 32);
return $cid;
}
@@ -758,13 +754,9 @@
{
global $_conf;
- if (!function_exists('md5_decrypt')) {
- include P2_LIB_DIR . '/md5_crypt.funcs.php';
- }
-
$key = $this->getMd5CryptKey();
- $dec = md5_decrypt($cid, $key, 32);
+ $dec = MD5Crypt::decrypt($cid, $key, 32);
list($user, $time, $pw_enc) = explode(':', $dec, 3);
// —LŒøŠúŒÀ “ú”
@@ -827,7 +819,7 @@
// {{{ getMd5CryptKey()
/**
- * md5_encrypt, md5_decrypt ‚Ì‚½‚߂ɃNƒŠƒvƒgƒL[‚𓾂é
+ * MD5Crypt::encrypt, MD5Crypt::decrypt ‚Ì‚½‚߂ɃNƒŠƒvƒgƒL[‚𓾂é
*
* @return string
*/
Copied: p2ex/trunk/lib/MD5Crypt.php (from rev 779, p2ex/trunk/lib/md5_crypt.funcs.php)
===================================================================
--- p2ex/trunk/lib/MD5Crypt.php (rev 0)
+++ p2ex/trunk/lib/MD5Crypt.php 2010-01-15 18:58:14 UTC (rev 781)
@@ -0,0 +1,99 @@
+<?php
+/**
+ * ‚±‚̃tƒ@ƒCƒ‹‚ÌŠÖ”‚ÍAPHPƒ}ƒjƒ…ƒAƒ‹ƒy[ƒW‚æ‚è‚Ì”qŽØ‚Å‚·BŠ´ŽÓB
+ * @link http://jp.php.net/manual/ja/function.md5.php
+ *
+ * Alexander Valyalkin
+ * 01-Jul-2004 05:41
+ * Below is MD5-based block cypher (MDC-like), which works in 128bit CFB mode.
+ * It is very useful to encrypt secret data before transfer it over the network.
+ * $iv_len - initialization vector's length.
+ * 0 <= $iv_len <= 512
+ */
+
+
+// {{{ MD5Crypt
+
+class MD5Crypt
+{
+ // {{{ getRandomInitializationVector()
+
+ static private function getRandomInitializationVector($iv_len)
+ {
+ $iv = '';
+ while ($iv_len-- > 0) {
+ $iv .= chr(mt_rand() & 0xff);
+ }
+ return $iv;
+ }
+
+ // }}}
+ // {{{ encrypt()
+
+ static public function encrypt($plain_text, $password, $iv_len = 16)
+ {
+ $plain_text .= "\x13";
+ $n = strlen($plain_text);
+ if ($n % 16) {
+ $plain_text .= str_repeat(chr(0), 16 - ($n % 16));
+ }
+ $i = 0;
+ $enc_text = self::getRandomInitializationVector($iv_len);
+ $iv = substr($password ^ $enc_text, 0, 512);
+ while ($i < $n) {
+ $block = substr($plain_text, $i, 16) ^ pack('H*', md5($iv));
+ $enc_text .= $block;
+ $iv = substr($block . $iv, 0, 512) ^ $password;
+ $i += 16;
+ }
+ return base64_encode($enc_text);
+ }
+
+ // }}}
+ // {{{ decrypt()
+
+ static public function decrypt($enc_text, $password, $iv_len = 16)
+ {
+ $enc_text = base64_decode($enc_text);
+ $n = strlen($enc_text);
+ $i = $iv_len;
+ $plain_text = '';
+ $iv = substr($password ^ substr($enc_text, 0, $iv_len), 0, 512);
+ while ($i < $n) {
+ $block = substr($enc_text, $i, 16);
+ $plain_text .= $block ^ pack('H*', md5($iv));
+ $iv = substr($block . $iv, 0, 512) ^ $password;
+ $i += 16;
+ }
+ return preg_replace('/\\x13\\x00*$/', '', $plain_text);
+ }
+
+ // }}}
+
+}
+// }}}
+
+/******************************************/
+/*
+$plain_text = 'very secret string';
+$password = 'very secret password';
+echo "plain text is: [${plain_text}]<br />\n";
+echo "password is: [${password}]<br />\n";
+
+$enc_text = MD5Crypt::encrypt($plain_text, $password);
+echo "encrypted text is: [${enc_text}]<br />\n";
+
+$plain_text2 = MD5Crypt::decrypt($enc_text, $password);
+echo "decrypted text is: [${plain_text2}]<br />\n";
+*/
+
+/*
+ * Local Variables:
+ * mode: php
+ * coding: cp932
+ * tab-width: 4
+ * c-basic-offset: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
+// vim: set syn=php fenc=cp932 ai et ts=4 sw=4 sts=4 fdm=marker:
Modified: p2ex/trunk/lib/P2Util.php
===================================================================
--- p2ex/trunk/lib/P2Util.php 2010-01-15 18:16:24 UTC (rev 780)
+++ p2ex/trunk/lib/P2Util.php 2010-01-15 18:58:14 UTC (rev 781)
@@ -1060,12 +1060,8 @@
{
global $_conf;
- if (!function_exists('md5_encrypt')) {
- include P2_LIB_DIR . '/md5_crypt.funcs.php';
- }
-
$md5_crypt_key = self::getAngoKey();
- $crypted_login2chPW = md5_encrypt($login2chPW, $md5_crypt_key, 32);
+ $crypted_login2chPW = MD5Crypt::encrypt($login2chPW, $md5_crypt_key, 32);
$idpw2ch_cont = <<<EOP
<?php
\$rec_login2chID = '{$login2chID}';
@@ -1096,10 +1092,6 @@
{
global $_conf;
- if (!function_exists('md5_decrypt')) {
- include P2_LIB_DIR . '/md5_crypt.funcs.php';
- }
-
if (!file_exists($_conf['idpw2ch_php'])) {
return false;
}
@@ -1113,7 +1105,7 @@
// ƒpƒX‚𕡇‰»
if (!is_null($rec_login2chPW)) {
$md5_crypt_key = self::getAngoKey();
- $login2chPW = md5_decrypt($rec_login2chPW, $md5_crypt_key, 32);
+ $login2chPW = MD5Crypt::decrypt($rec_login2chPW, $md5_crypt_key, 32);
}
return array($rec_login2chID, $login2chPW, $rec_autoLogin2ch);
Deleted: p2ex/trunk/lib/md5_crypt.funcs.php
===================================================================
--- p2ex/trunk/lib/md5_crypt.funcs.php 2010-01-15 18:16:24 UTC (rev 780)
+++ p2ex/trunk/lib/md5_crypt.funcs.php 2010-01-15 18:58:14 UTC (rev 781)
@@ -1,89 +0,0 @@
-<?php
-/**
- * ‚±‚̃tƒ@ƒCƒ‹‚ÌŠÖ”‚ÍAPHPƒ}ƒjƒ…ƒAƒ‹ƒy[ƒW‚æ‚è‚Ì”qŽØ‚Å‚·BŠ´ŽÓB
- * @link http://jp.php.net/manual/ja/function.md5.php
- *
- * Alexander Valyalkin
- * 01-Jul-2004 05:41
- * Below is MD5-based block cypher (MDC-like), which works in 128bit CFB mode.
- * It is very useful to encrypt secret data before transfer it over the network.
- * $iv_len - initialization vector's length.
- * 0 <= $iv_len <= 512
- */
-
-// {{{ get_rnd_iv()
-
-function get_rnd_iv($iv_len)
-{
- $iv = '';
- while ($iv_len-- > 0) {
- $iv .= chr(mt_rand() & 0xff);
- }
- return $iv;
-}
-
-// }}}
-// {{{ md5_decrypt()
-
-function md5_encrypt($plain_text, $password, $iv_len = 16)
-{
- $plain_text .= "\x13";
- $n = strlen($plain_text);
- if ($n % 16) $plain_text .= str_repeat(chr(0), 16 - ($n % 16));
- $i = 0;
- $enc_text = get_rnd_iv($iv_len);
- $iv = substr($password ^ $enc_text, 0, 512);
- while ($i < $n) {
- $block = substr($plain_text, $i, 16) ^ pack('H*', md5($iv));
- $enc_text .= $block;
- $iv = substr($block . $iv, 0, 512) ^ $password;
- $i += 16;
- }
- return base64_encode($enc_text);
-}
-
-// }}}
-// {{{ md5_decrypt()
-
-function md5_decrypt($enc_text, $password, $iv_len = 16)
-{
- $enc_text = base64_decode($enc_text);
- $n = strlen($enc_text);
- $i = $iv_len;
- $plain_text = '';
- $iv = substr($password ^ substr($enc_text, 0, $iv_len), 0, 512);
- while ($i < $n) {
- $block = substr($enc_text, $i, 16);
- $plain_text .= $block ^ pack('H*', md5($iv));
- $iv = substr($block . $iv, 0, 512) ^ $password;
- $i += 16;
- }
- return preg_replace('/\\x13\\x00*$/', '', $plain_text);
-}
-
-// }}}
-
-/******************************************/
-/*
-$plain_text = 'very secret string';
-$password = 'very secret password';
-echo "plain text is: [${plain_text}]<br />\n";
-echo "password is: [${password}]<br />\n";
-
-$enc_text = md5_encrypt($plain_text, $password);
-echo "encrypted text is: [${enc_text}]<br />\n";
-
-$plain_text2 = md5_decrypt($enc_text, $password);
-echo "decrypted text is: [${plain_text2}]<br />\n";
-*/
-
-/*
- * Local Variables:
- * mode: php
- * coding: cp932
- * tab-width: 4
- * c-basic-offset: 4
- * indent-tabs-mode: nil
- * End:
- */
-// vim: set syn=php fenc=cp932 ai et ts=4 sw=4 sts=4 fdm=marker:
Modified: p2ex/trunk/lib/setup.funcs.php
===================================================================
--- p2ex/trunk/lib/setup.funcs.php 2010-01-15 18:16:24 UTC (rev 780)
+++ p2ex/trunk/lib/setup.funcs.php 2010-01-15 18:58:14 UTC (rev 781)
@@ -64,6 +64,9 @@
if ($check_recommended) {
if (version_compare($php_version, $recommended_version, '<')) {
// title.php ‚̂݃ƒbƒZ[ƒW‚ð•\Ž¦
+ if (!is_numeric($check_recommended)) {
+ $check_recommended = htmlspecialchars($check_recommended, ENT_QUOTES);
+ }
if (basename($_SERVER['PHP_SELF'], '.php') == 'title') {
$_info_msg_ht .= <<<EOP
<p><strong>„§ƒo[ƒWƒ‡ƒ“‚æ‚èŒÃ‚¢PHP‚Å“®ì‚µ‚Ä‚¢‚Ü‚·B</strong>
@@ -157,6 +160,7 @@
FileCtl |
HostCheck |
Login |
+ MD5Crypt |
NgAbornCtl |
P2[A-Z][A-Za-z]* |
PresetManager |
@@ -172,9 +176,7 @@
Wap[A-Z][A-Za-z]*
)$/x', $name))
{
- if ($name == 'P2Lock') {
- include P2_LIB_DIR . '/FileCtl.php';
- } elseif ($name == 'ResArticle') {
+ if ($name == 'ResArticle') {
include P2_LIB_DIR . '/ResHist.php';
} elseif (strncmp($name, 'Wap', 3) === 0) {
include P2_LIB_DIR . '/Wap.php';