diff --git a/inc/HTTPClient.php b/inc/HTTPClient.php
index 71844b8478f9682d93a00b896bbb63ed540976a3..1184aebeeb8608d79d7c4e064453ba165a632d90 100644
--- a/inc/HTTPClient.php
+++ b/inc/HTTPClient.php
@@ -32,7 +32,7 @@ class DokuHTTPClient extends HTTPClient {
$this->proxy_host = $conf['proxy']['host'];
$this->proxy_port = $conf['proxy']['port'];
$this->proxy_user = $conf['proxy']['user'];
- $this->proxy_pass = $conf['proxy']['pass'];
+ $this->proxy_pass = conf_decodeString($conf['proxy']['pass']);
$this->proxy_ssl = $conf['proxy']['ssl'];
}
}
diff --git a/inc/confutils.php b/inc/confutils.php
index 5b48e97dd2142645453273af223b4269eed243d8..2099ba9494ccfba075a601744117b8c867f83b7a 100644
--- a/inc/confutils.php
+++ b/inc/confutils.php
@@ -238,5 +238,34 @@ function useHeading($linktype) {
return (!empty($useHeading[$linktype]));
}
-
+/**
+ * obscure config data so information isn't plain text
+ *
+ * @param string $str data to be encoded
+ * @param string $code encoding method, values: plain, base64, uuencode.
+ * @return string the encoded value
+ */
+function conf_encodeString($str,$code) {
+ switch ($code) {
+ case 'base64' : return '<b>'.base64_encode($str);
+ case 'uuencode' : return '<u>'.convert_uuencode($str);
+ case 'plain':
+ default:
+ return $str;
+ }
+}
+/**
+ * return obscured data as plain text
+ *
+ * @param string $str encoded data
+ * @return string plain text
+ */
+function conf_decodeString($str) {
+ switch (substr($str,0,3)) {
+ case '<b>' : return base64_decode(substr($str,3));
+ case '<u>' : return convert_uudecode(substr($str,3));
+ default: // not encode (or unknown)
+ return $str;
+ }
+}
//Setup VIM: ex: et ts=2 enc=utf-8 :
diff --git a/inc/io.php b/inc/io.php
index 1c0e8610479c2399bce9b41b9e7089f7718ba1d5..2eb94db0c716b61ae8504ba0d0526865db5ff8e6 100644
--- a/inc/io.php
+++ b/inc/io.php
@@ -424,7 +424,7 @@ function io_mkdir_ftp($dir){
return false;
}
- if(!@ftp_login($conn, $conf['ftp']['user'], $conf['ftp']['pass'])){
+ if(!@ftp_login($conn, $conf['ftp']['user'], conf_decodeString($conf['ftp']['pass']))){
msg("FTP login failed",-1);
return false;
}
diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php
index c3531d6f343018613af896d220bed177cc3bd607..b62c16a7e5e70fae67559426eea5ff1fb04bba3f 100644
--- a/lib/plugins/config/settings/config.class.php
+++ b/lib/plugins/config/settings/config.class.php
@@ -22,7 +22,7 @@ if (!class_exists('configuration')) {
var $_default_files = array();
var $_local_files = array(); // updated configuration is written to the first file
var $_protected_files = array();
-
+
var $_plugin_list = null;
/**
@@ -127,13 +127,13 @@ if (!class_exists('configuration')) {
fclose($fh);
return true;
}
-
+
function _read_config_group($files) {
$config = array();
foreach ($files as $file) {
$config = array_merge($config, $this->_read_config($file));
}
-
+
return $config;
}
@@ -477,6 +477,8 @@ if (!class_exists('setting_string')) {
if (!class_exists('setting_password')) {
class setting_password extends setting_string {
+ var $_code = 'plain'; // mechanism to be used to obscure passwords
+
function update($input) {
if ($this->is_protected()) return false;
if (!$input) return false;
@@ -487,7 +489,7 @@ if (!class_exists('setting_password')) {
return false;
}
- $this->_local = $input;
+ $this->_local = conf_encodeString($input,$this->_code);
return true;
}
@@ -888,7 +890,6 @@ if (!class_exists('setting_multicheckbox')) {
}
}
-
/**
* Provide php_strip_whitespace (php5 function) functionality
*
diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php
index 8c856af1b17469fa92ba6d8bf0e1b9fad08a9e26..6c979574e9e89e3782cd9dcf653631608606763c 100644
--- a/lib/plugins/config/settings/config.metadata.php
+++ b/lib/plugins/config/settings/config.metadata.php
@@ -22,7 +22,8 @@
* 'email' - text input, input must conform to email address format, setting output in quotes
* 'richemail' - text input, input must conform to email address format but accepts variables and
* emails with a real name prepended (when email address is given in <>)
- * 'password' - password input, minimal input validation, setting output plain text in quotes
+ * 'password' - password input, minimal input validation, setting output text in quotes, maybe encoded
+ * according to the _code parameter
* 'dirchoice' - as multichoice, selection choices based on folders found at location specified in _dir
* parameter (required). A pattern can be used to restrict the folders to only those which
* match the pattern.
@@ -52,6 +53,7 @@
* required by 'dirchoice' class, ignored by other classes
* '_combine' - complimentary output setting values which can be combined into a single display checkbox
* optional for 'multicheckbox', ignored by other classes
+ * '_code' - encoding method to use, accepted values: 'base64','uuencode','plain'. defaults to plain.
*
* @author Chris Smith <chris@jalakai.co.uk>
*/
@@ -189,12 +191,12 @@ $meta['_network'] = array('fieldset');
$meta['proxy____host'] = array('string','_pattern' => '#^(|[a-z0-9\-\.+]+)$#i');
$meta['proxy____port'] = array('numericopt');
$meta['proxy____user'] = array('string');
-$meta['proxy____pass'] = array('password');
+$meta['proxy____pass'] = array('password','_code' => 'base64');
$meta['proxy____ssl'] = array('onoff');
$meta['safemodehack'] = array('onoff');
$meta['ftp____host'] = array('string','_pattern' => '#^(|[a-z0-9\-\.+]+)$#i');
$meta['ftp____port'] = array('numericopt');
$meta['ftp____user'] = array('string');
-$meta['ftp____pass'] = array('password');
+$meta['ftp____pass'] = array('password','_code' => 'base64');
$meta['ftp____root'] = array('string');