gPass

gPass Git Source Tree

Root/server/index.php

1<?php
2/*
3 Copyright (C) 2013-2017 Grégory Soutadé
4
5 This file is part of gPass.
6
7 gPass is free software: you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation, either version 3 of the License, or
10 (at your option) any later version.
11
12 gPass is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with gPass. If not, see <http://www.gnu.org/licenses/>.
19*/
20
21include('conf.php');
22include('functions.php');
23
24session_start();
25
26$user = '';
27
28if ($ADMIN_MODE && isset($_POST['create_user']))
29{
30 $user = addslashes($_POST['user']);
31 if (create_user($user))
32 $user = $_POST['user'];
33 else
34 $user = '';
35}
36else
37{
38 $user = sanitize('user');
39 $login = sanitize('login');
40 $shadow_login = sanitize('shadow_login');
41 $password = sanitize('password');
42 $access_token = sanitize('access_token');
43 $access_tokens = sanitize('access_tokens');
44 $salt = sanitize('salt');
45
46 if (isset($_POST['get_secure_passwords']) && isset($_POST['user']) &&
47 isset($_POST['access_tokens']))
48 return get_secure_entries($user, $access_tokens);
49
50 if (isset($_POST['get_passwords']) && isset($_POST['user']))
51 return list_entries($user);
52
53 if (isset($_POST['add_entry']) && isset($_POST['user']) &&
54 isset($_POST['login']) && isset($_POST['password']) &&
55 isset($_POST['shadow_login']) && isset($_POST['salt']) &&
56 isset($_POST['access_token']) )
57 return add_entry($user,
58 $login,
59 $password,
60 $shadow_login,
61 $salt,
62 $access_token);
63
64 if (isset($_POST['delete_entry']) && isset($_POST['user']) &&
65 isset($_POST['login']) && isset($_POST['access_token']))
66 return delete_entry($user,
67 $login,
68 $access_token);
69}
70
71?>
72<!DOCTYPE html>
73<html>
74 <head>
75 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" >
76 <link rel="icon" type="image/png" href="resources/favicon.png" />
77 <link rel="stylesheet" type="text/css" href="resources/gpass.css" />
78 <script language="javascript">
79 <?php
80 echo "pbkdf2_level=$PBKDF2_LEVEL; use_shadow_logins=$USE_SHADOW_LOGINS;\n";
81 echo "CLEAR_TIME=$CLEAR_TIME; // Clear master key after 15 minutes\n";
82 echo "CRYPTO_V1_COMPATIBLE=$CRYPTO_V1_COMPATIBLE;\n";
83 ?>
84 document.addEventListener('DOMContentLoaded', function() {
85 window.onscroll = function(ev) {
86 document.getElementById("buttonTop").className = (window.pageYOffset > 500) ? "cVisible" : "cInvisible";
87 };
88});
89 function scrollToTop()
90 {
91 if (window.pageYOffset == 0)
92 return;
93 target = (window.innerHeight) ? window.innerHeight/5 : 200;
94 toScroll = (window.pageYOffset > target) ? target : window.pageYOffset;
95 window.scrollBy(0, -toScroll);
96
97 setTimeout(scrollToTop, 24);
98 }
99 </script>
100 <script src="resources/misc.js"></script>
101 <script src="resources/gpass.js"></script>
102 <script src="resources/pwdmeter.js"></script>
103 <title>gPass : global Password</title>
104 </head>
105 <body onload="start();">
106 <div><a id="buttonTop" class="cInvisible" onclick="scrollToTop();"></a></div>
107 <div id="logo">
108 <a href="http://indefero.soutade.fr/p/gpass"><img src="resources/gpass.png" alt="logo"/></a>
109 </div>
110
111 <div id="admin" <?php if (!$ADMIN_MODE) echo "style=\"display:none\"";?> >
112 <form method="post">
113<input type="text" name="user"/> <input type="submit" name="create_user" value="Create user" onclick="return confirm('Are you sure want to create this user ?');"/>
114 </form>
115 </div>
116<div id="user">
117<?php
118 global $user;
119$users = scandir("./users/");
120$count = 0;
121 foreach($users as $u)
122 {
123 if (is_dir("./users/" . $u) && $u[0] != '_' && $u[0] != '.')
124 $count++;
125 }
126
127if ($count == 0)
128 echo "<b>No user found</b><br/>\n";
129else
130{
131 echo "<b>User</b> <select id=\"selected_user\" name=\"user\" onchange=\"document.getElementById('master_key').value = '';update_master_key(false);\">" . "\n";
132 foreach($users as $u)
133 {
134 if (is_dir("./users/" . $u) && $u[0] != '_' && $u[0] != '.')
135 {
136 if ($user == "") $user = $u;
137 if ($user == $u)
138 echo "<option value=\"$u\" selected=\"1\"/>$u</option>";
139 else
140 echo "<option value=\"$u\"/>$u</option>";
141 }
142 }
143 echo "</select>\n";
144 echo ' <b>Master key </b> <input id="master_key" type="password" onkeypress="if (event.keyCode == 13) update_master_key(true);"/>';
145 echo "<input type=\"button\" value=\"See\" onclick=\"update_master_key(true);\" />" . "\n";
146
147 if (!isset($_SERVER['HTTPS']))
148 echo "<div id=\"addon_address\">Current addon address is : http://" . $_SERVER['SERVER_NAME'] . "/" . $user . "</div>\n";
149 else
150 echo "<div id=\"addon_address\">Current addon address is : https://" . $_SERVER['SERVER_NAME'] . "/" . $user . "</div>\n";
151}
152?>
153<div id="add_new_password">
154<?php
155 global $user;
156
157if ($user != "")
158{
159 echo "<b>Add a new password</b><br/>\n";
160
161 echo 'URL <input type="text" name="url"/>';
162 echo 'login <input type="text" name="login" />';
163 echo 'password <input id="new_password" type="text" name="password"/>';
164 echo 'master key <input type="text" name="mkey" onkeypress="if (event.keyCode == 13) add_password();" onkeyup="chkPass(this.value);"/>';
165 echo '<input type="button" value="Generate password" onClick="generate_password();"/>';
166 echo '<input type="button" value="Generate simple password" onClick="generate_simple_password();"/>';
167 echo "<input type=\"button\" name=\"add\" value=\"Add\" onclick=\"add_password();\"/>";
168 echo "<br />";
169 echo '<div><a href="http://en.wikipedia.org/wiki/Password_strength">Master key strength</a><div id="scorebarBorder"><div id="score">0%</div><div id="scorebar">&nbsp;</div></div></div>';
170}
171?>
172</div>
173<div id="passwords">
174</div>
175<div id="update_masterkey">
176<?php
177 global $user;
178
179if ($user != "")
180{
181 echo "<b>Update Masterkey</b><br/>\n";
182
183 echo 'Old master key <input type="text" id="oldmkey"/>';
184 echo 'New master key <input type="text" id="newmkey" onkeyup="chkPass(this.value);"/>';
185 echo '<input type="button" value="Update masterkey" onClick="update_masterkey();"/>';
186}
187?>
188</div>
189<div id="export_database">
190<?php
191 global $user;
192
193if ($user != "")
194{
195 echo "<b>Export</b><br/>\n";
196
197 echo '<input type="button" value="Export" onclick="export_database();"/>';
198 echo '<a id="export_link">Download</a>';
199}
200?>
201</div>
202</div>
203</body>
204</html>

Archive Download this file