用户口令检查(/etc/passwd)

作者:袖梨 2022-07-02

/*
* etc.passwd.inc v1.0
*
* Syntax:
* verifypasswd(string USERNAME, string PASSWORD)
*
* The function will return one of three values:
* -2 if there was a file reading error
* -1 if the password is incorrect
* 0 if the username doesn't exist
* 1 if the password is correct
*/

function verifypasswd ($USERNAME, $PASSWORD) {

$fd = fopen( "/etc/passwd", "r");
$contents = fread($fd, filesize( "/etc/passwd"));
fclose($fd);
if (!$contents) return -2;

$lines = split( "n", $contents);
$passwd = array();

for($count=0;$count list ($user,$pass) = split( ":",$lines[$count]);
if ($user == $USERNAME) {
break;
}
}

if (!$user) return 0;

$cryptedpass = $pass;
$salt = substr($cryptedpass,0,2);
$Pass = crypt($PASSWORD,$salt);

if ($Pass == $cryptedpass) {
return 1;
} else {
return -1;
}
}
?>

相关文章

精彩推荐