用户口令检查(/etc/passwd)
发表于:2007-07-01来源:作者:点击数:
标签:
? /* * etc.passwd.inc v1.0 * * Syntax: * verifypasswd(string USERNAME, string PASSWORD) * * The function will return one of three values: * -2 if there was a file reading error * -1 if the password is incorrect * 0 if the username doesn@#t
<?
/*
* etc.passwd.inc v1.0
*
* Syntax:
* verifypasswd(string USERNAME, string PASSWORD)
*
* The function will return one of three values:
* -2 if there was a file reading error
* -1 if the password is incorrect
* 0 if the username doesn@#t exist
* 1 if the password is correct
*
* Written by WarMage ( michael@irc
.net )
*
*/
function verifypasswd ($USERNAME, $PASSWORD) {
$fd = fopen( "/etc/passwd", "r");
$contents = fread($fd, filesize( "/etc/passwd"));
fclose($fd);
if (!$contents) return -2;
$lines = split( "\n", $contents);
$passwd = array();
for($count=0;$count<count($lines);$count++) {
list ($user,$pass) = split( ":",$lines[$count]);
if ($user == $USERNAME) {
break;
}
}
if (!$user) return 0;
$cryptedpass = $pass;
$salt = substr($cryptedpass,0,2);
$Pass = crypt($PASSWORD,$salt);
if ($Pass == $cryptedpass) {
return 1;
} else {
return -1;
}
}
?>
原文转自:http://www.ltesting.net