Navigation

← Previous Changeset
Next Changeset →

Changeset 45307

Timestamp:

05/11/08 23:02:47 (2 months ago)

Author:

cduke250

Message:

totally rewrote the sid codes, refactored alot of the code, added additional checks for mod_rewrite, mod_alias, mod_security.

improved the detection for .htaccess capability

Files:

askapache-password-protect/tags/4.1 (added)
askapache-password-protect/tags/4.1/askapache-password-protect.php (added)
askapache-password-protect/tags/4.1/readme.txt (added)
askapache-password-protect/tags/4.1/screenshot-1.png (added)
askapache-password-protect/tags/4.1/screenshot-2.png (added)
askapache-password-protect/tags/4.1/screenshot-3.png (added)
askapache-password-protect/trunk/askapache-password-protect.php (modified) (24 diffs)
askapache-password-protect/trunk/readme.txt (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

askapache-password-protect/trunk/askapache-password-protect.php

r44896	r45307
4	4	Plugin URI: http://www.askapache.com/wordpress/htaccess-password-protect.html
5	5	Description: Apache .htaccess Security: Password Protection and Advanced Security for your blog. <a href="options-general.php?page=askapache-password-protect.php">Configuration</a>
6		Version: 4.~~0.3.~~1
	6	Version: 4.1
7	7	Author: AskApache
8	8	Author URI: http://www.askapache.com
…	…
45	45	?>
46	46	<?php
47		define('AA_PP_DEBUG',0);
48		if(defined('AA_PP_ALREADY_INCLUDED'))return;
49		else define('AA_PP_ALREADY_INCLUDED','yessir');
50
51		if(!function_exists('aa_pp_options_setup1')){function aa_pp_options_setup1() {
	47	if(defined('AA_PP_DEBUG'))return;
	48	else define('AA_PP_DEBUG',0);
	49
	50	function aa_pp_options_setup1() {
52	51	add_options_page('AskApache Password Protection', 'AA PassPro', 8, basename(__FILE__), 'aa_pp_main_page');
53		}}
	52	}
	53
	54
	55	function aa_pp_generate_sid_rules($sid,$t='0'){
	56	global $aa_PP;
	57
	58	switch ($sid){
	59	case 'sid700':
	60	$sidrules=array(
	61	'# BEGIN sid700',
	62	'Options -Indexes',
	63	'DirectoryIndex '.$aa_PP['root_path'].'index.php',
	64	'# END sid700');
	65	break;
	66	case 'sid800':
	67	$sidrules=array(
	68	'# BEGIN sid800',
	69	'<Files wp-login.php>',
	70	'Order Deny,Allow',
	71	'Deny from All',
	72	'Satisfy Any',
	73	'AuthName "'.$aa_PP['realm'].'"',
	74	'AuthUserFile '.$aa_PP['htpasswd'],
	75	'AuthType Basic',
	76	'Require valid-user',
	77	'</Files>',
	78	'# END sid800');
	79	break;
	80	case 'sid900':
	81	$sidrules=array(
	82	'# BEGIN sid900',
	83	'Order Deny,Allow',
	84	'Deny from All',
	85	'AuthName "'.$aa_PP['realm'].'"',
	86	'AuthUserFile '.$aa_PP['htpasswd'],
	87	'AuthType Basic',
	88	'Require valid-user',
	89	'<FilesMatch "\.(ico\|pdf\|flv\|jpg\|jpeg\|png\|gif\|swf\|css\|js)$">',
	90	'Allow from All',
	91	'</FilesMatch>',
	92	'<Files async-upload.php>',
	93	'Allow from All',
	94	'</Files>',
	95	'Satisfy Any',
	96	'# END sid900');
	97	break;
	98	case 'sid1000':
	99	$sidrules=array(
	100	'# BEGIN sid1000',
	101	'RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ '.$aa_PP['root_path'].'wp-content/.*$ [NC]',
	102	'RewriteCond %{REQUEST_FILENAME} ^.+\.php$',
	103	'RewriteRule .* - [F,NS]',
	104	'# END sid1000');
	105	break;
	106	case 'sid1010':
	107	$sidrules=array(
	108	'# BEGIN sid1010',
	109	'RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ '.$aa_PP['root_path'].'wp-includes/.*$ [NC]',
	110	'RewriteCond %{REQUEST_FILENAME} ^.+\.php$',
	111	'RewriteRule .* - [F,NS]',
	112	'# END sid1010');
	113	break;
	114	case 'sid1015':
	115	$sidrules=array(
	116	'# BEGIN sid1015',
	117	'RewriteCond %{REQUEST_METHOD} !^(GET\|POST\|OPTIONS\|PUT\|HEAD)$ [NC]',
	118	'RewriteRule .* - [F,L]',
	119	'# END sid1015');
	120	break;
	121	case 'sid1030':
	122	$sidrules=array(
	123	'# BEGIN sid1030',
	124	'RewriteCond %{HTTPS} !=on [NC]',
	125	'RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]',
	126	'# END sid1030');
	127	break;
	128	}
	129
	130	if($t!='0'){
	131	$sidrules=array_slice($sidrules,1,-1);
	132	}
	133	return $sidrules;
	134
	135	}
54	136
55	137	function aa_pp_get_post_values(){
…	…
57	139	$aa_PP=get_option('askapache_password_protect');
58	140
59		if(isset($_POST['htaccessuser']) && $_POST['htaccessuser']!=$aa_PP['user']){
60		$aa_PP['user']=$_POST['htaccessuser'];
61		$aa_PP['change_htpasswd']='1';
62		}
63
64		if(isset($_POST['htaccesspass'])\|\|isset($_POST['modifyuser'])) {
65		$aa_PP['change_htpasswd']='1';
66		$aa_PP['change_htaccess']='1';
67		}
68
69		if(isset($_POST['htaccessrealm']) && $_POST['htaccessrealm']!=$aa_PP['realm']){
70		$aa_PP['realm']=$_POST['htaccessrealm'];
71		if(strlen($aa_PP['realm'])>10)$aa_PP['realm']=substr($aa_PP['realm'], 0, 10);
72		$aa_PP['change_htaccess']='1';
73		}
	141	if(isset($_POST['resetaapp']))aa_pp_activate();
	142	if(isset($_POST['aapptestingdone']))$aa_PP['config_step']='2';
	143	if(isset($_POST['aappsetupcomplete']))$aa_PP['config_step']='3';
	144
	145
	146	if(isset($_POST['adduser'])){
	147	if(isset($_POST['addhtaccessuser'])&&isset($_POST['addhtaccesspass']) && isset($_POST['aapassformat'])){
	148	$aa_current_htpasswd_users=aa_pp_extract_mark($aa_PP['htpasswd'],'AskApache PassPro');
	149	$aa_PP['HTPASSWD_RULES']=array_merge($aa_current_htpasswd_users,array(aa_pp_hashit($_POST['aapassformat'],$_POST['addhtaccessuser'],$_POST['addhtaccesspass'])));
	150	if(!aa_pp_insert_mark($aa_PP['htpasswd'],'AskApache PassPro',$aa_PP['HTPASSWD_RULES'])) die('Error Creating '.$aa_PP['htpasswd']);
	151	}
	152	}
	153	else if(isset($_POST['changepasswordsettings'])){
	154
	155	if(isset($_POST['htaccessrealm']) && $aa_PP['realm']=$_POST['htaccessrealm']) {
	156	$newrealm1=$_POST['htaccessrealm'];
	157	if(strlen($newrealm1)>35)$newrealm1=substr($newrealm1, 0, 35);
	158	$aa_PP['realm']=$newrealm1;
	159	if($aa_PP['S']['sid900']['ON']=='1'){
	160	if(!aa_pp_insert_mark($aa_PP['S']['sid900']['FILE'],'sid900',aa_pp_generate_sid_rules('sid900','1'))) die('Error Creating '.$aa_PP['S']['sid900']['FILE']);
	161	}
	162	if($aa_PP['S']['sid800']['ON']=='1'){
	163	if(!aa_pp_insert_mark($aa_PP['S']['sid800']['FILE'],'sid800',aa_pp_generate_sid_rules('sid800','1'))) die('Error Creating '.$aa_PP['S']['sid800']['FILE']);
	164	}
	165	}
	166
	167	if(isset($_POST['htpasswdfile']) && $_POST['htpasswdfile']!=$aa_PP['htpasswd']){
	168	if(!is_writable(dirname($_POST['htpasswdfile'])) && !touch($_POST['htpasswdfile'])) die($_POST['htpasswdfile'].' location is not writable!');
	169	else {
	170	if(!aa_pp_insert_mark($_POST['htpasswdfile'],'AskApache PassPro',aa_pp_extract_mark($aa_PP['htpasswd'],'AskApache PassPro')))die('error writing new password file.');
	171	else aa_pp_unlink($aa_PP['htpasswd']);
	172	$aa_PP['htpasswd']=$_POST['htpasswdfile'];
	173	if($aa_PP['S']['sid900']['ON']=='1'){
	174	if(!aa_pp_insert_mark($aa_PP['S']['sid900']['FILE'],'sid900',aa_pp_generate_sid_rules('sid900','1'))) die('Error Creating '.$aa_PP['S']['sid900']['FILE']);
	175	}
	176	if($aa_PP['S']['sid800']['ON']=='1'){
	177	if(!aa_pp_insert_mark($aa_PP['S']['sid800']['FILE'],'sid800',aa_pp_generate_sid_rules('sid800','1'))) die('Error Creating '.$aa_PP['S']['sid800']['FILE']);
	178	}
	179	}
	180	}
	181
	182	}
	183	else if(isset($_POST['aappsetupcomplete'])){
	184
	185	if(isset($_POST['aapassformat']))$aa_PP['format']=$_POST['aapassformat'];
	186
	187	if(isset($_POST['htaccessuser']) && isset($_POST['htaccesspass'])) $aa_PP['user']=$_POST['htaccessuser'];
	188
	189	if(isset($_POST['htaccessrealm']) && $aa_PP['realm']!=$_POST['htaccessrealm']) {
	190
	191	if(strlen($aa_PP['realm'])>35)$aa_PP['realm']=substr($aa_PP['realm'], 0, 35);
	192	}
	193
	194	if(isset($_POST['htpasswdfile'])){
	195	if(!is_writable(dirname($_POST['htpasswdfile'])) && !touch($_POST['htpasswdfile'])) die($_POST['htpasswdfile'].' location is not writable!');
	196	else $aa_PP['htpasswd']=$_POST['htpasswdfile'];
	197	}
	198
	199	$aa_PP['HTPASSWD_RULES']=array(aa_pp_hashit($_POST['aapassformat'],$_POST['htaccessuser'],$_POST['htaccesspass']));
	200	if(!aa_pp_insert_mark($aa_PP['htpasswd'],'AskApache PassPro',$aa_PP['HTPASSWD_RULES'])) die('Error Creating '.$aa_PP['htpasswd']);
	201
	202	if(isset($_POST['sid900'])) {
	203	$aa_PP['S']['sid900']['ON']='1';
	204	if(!aa_pp_insert_mark($aa_PP['S']['sid900']['FILE'], 'AskApache PassPro', aa_pp_generate_sid_rules('sid900'))) die("Couldnt create ".$aa_PP['S']['sid900']['FILE']." file!");
	205	} else {
	206	@ aa_pp_unlink($aa_PP['S']['sid900']['FILE']);
	207	$aa_PP['S']['sid900']['ON']='0';
	208	}
	209	}
	210	else if(isset($_POST['updatemodules'])){
	211
	212	if( isset($_POST['sid1000']) \|\| isset($_POST['sid800']) \|\| isset($_POST['sid1010']) \|\| isset($_POST['sid1015']) \|\| isset($_POST['sid1030']) \|\| isset($_POST['sid700'])){
	213	$aa_PP['mod_rewrite_on']='1';
	214	$aa_PP['blog_root_htaccess_RULES']=array(
	215	'',
	216	'RewriteEngine On',
	217	'RewriteBase /',
	218	'');
	219	} else $aa_PP['mod_rewrite_on']='0';
	220
	221
	222	if(isset($_POST['sid700'])) {
	223	$aa_PP['S']['sid700']['ON']='1';
	224	$aa_PP['blog_root_htaccess_RULES']=array_merge($aa_PP['blog_root_htaccess_RULES'],aa_pp_generate_sid_rules('sid700'));
	225	} else $aa_PP['S']['sid700']['ON']='0';
	226
	227
	228
	229	if(isset($_POST['sid1015'])) {
	230	$aa_PP['S']['sid1015']['ON']='1';
	231	$aa_PP['blog_root_htaccess_RULES']=array_merge($aa_PP['blog_root_htaccess_RULES'],aa_pp_generate_sid_rules('sid1015'));
	232	} else $aa_PP['S']['sid1015']['ON']='0';
	233
	234	if(isset($_POST['sid1030'])) {
	235	$aa_PP['S']['sid1030']['ON']='1';
	236	$aa_PP['S']['sid1030']['RULES']=array_merge($aa_PP['blog_root_htaccess_RULES'],aa_pp_generate_sid_rules('sid1030'));
	237	} else $aa_PP['S']['sid1030']['ON']='0';
74	238
75	239
76		if(isset($_POST['htpasswdfile']) && $_POST['htpasswdfile']!=$aa_PP['htpasswd']) {
77		if(is_writable(dirname($_POST['htpasswdfile'])) && touch($_POST['htpasswdfile'])){
78		$aa_PP['htpasswd']=$_POST['htpasswdfile'];
79		$aa_PP['change_htpasswd']='1';
80		} else die($_POST['htpasswdfile'].' location is not writable!');
81		}
82
	240	if(isset($_POST['sid1000'])) {
	241	$aa_PP['S']['sid1000']['ON']='1';
	242	$aa_PP['blog_root_htaccess_RULES']=array_merge($aa_PP['blog_root_htaccess_RULES'],aa_pp_generate_sid_rules('sid1000'));
	243	} else $aa_PP['S']['sid1000']['ON']='0';
	244
	245	if(isset($_POST['sid1010'])) {
	246	$aa_PP['S']['sid1010']['ON']='1';
	247	$aa_PP['blog_root_htaccess_RULES']=array_merge($aa_PP['blog_root_htaccess_RULES'],aa_pp_generate_sid_rules('sid1010'));
	248	} else $aa_PP['S']['sid1010']['ON']='0';
	249
	250
	251
	252	if(isset($_POST['sid800'])) {
	253	$aa_PP['S']['sid800']['ON']='1';
	254	$aa_PP['blog_root_htaccess_RULES']=array_merge($aa_PP['blog_root_htaccess_RULES'],aa_pp_generate_sid_rules('sid800'));
	255	} else $aa_PP['S']['sid800']['ON']= '0';
	256
	257	if($aa_PP['mod_rewrite_on']=='1'){
	258	$aa_PP['blog_root_htaccess_RULES'][]='';
	259	if(!aa_pp_insert_mark($aa_PP['blog_root_htaccess'], 'AskApache PassPro', $aa_PP['blog_root_htaccess_RULES'])) die("Couldnt create ".$aa_PP['blog_root_htaccess']." file!");
	260	}
83	261
84		if(isset($_POST['aapassformat1']) && $_POST['aapassformat1']!=$aa_PP['format']){
85		$aa_PP['format']=$_POST['aapassformat1'];
86		$aa_PP['change_htpasswd']='1';
87		}
88
89		if(isset($_POST['aapassformat']) && $_POST['aapassformat']!=$aa_PP['format']){
90		$aa_PP['format']=$_POST['aapassformat'];
91		$aa_PP['change_htpasswd']='1';
92		}
	262	if(isset($_POST['sid900'])) {
	263	$aa_PP['S']['sid900']['ON']='1';
	264	if(!aa_pp_insert_mark($aa_PP['S']['sid900']['FILE'], 'AskApache PassPro', aa_pp_generate_sid_rules('sid900'))) die("Couldnt create ".$aa_PP['S']['sid900']['FILE']." file!");
	265	} else {
	266	@ aa_pp_unlink($aa_PP['S']['sid900']['FILE']);
	267	$aa_PP['S']['sid900']['ON']='0';
	268	}
	269	}
	270
	271
93	272
94	273	if(AA_PP_DEBUG){echo '<pre>';print_r($_POST);echo '</pre>';}
95
96	274	update_option('askapache_password_protect',$aa_PP);
97	275	}
98
99	276
100	277
…	…
104	281	global $aa_PP;
105	282
106		if (~~function_exists('current_user_can')&&~~!current_user_can(8)\|\|!current_user_can('upload_files')) die(__("You are not allowed to be here"));
	283	if (!current_user_can(8)\|\|!current_user_can('upload_files')) die(__("You are not allowed to be here"));
107	284	$aa_PP=get_option('askapache_password_protect');
108	285
109		~~$aa_PP['htaccessusers']=aa_pp_current_users($aa_PP['htpasswd'],'AskApache PassPro');~~
110	286
111	287
…	…
114	290	check_admin_referer('askapache-password-protect-update_modify');
115	291	aa_pp_get_post_values();
116
117
118		~~if( isset($_POST['sid1000']) \|\| isset($_POST['sid1005']) \|\| isset($_POST['sid1010']) \|\| isset($_POST['sid1015']) \|\| isset($_POST['sid1030']) \|\| isset($_POST['sid1025'])){~~
119		~~$aa_PP['ROOT_HTACCESS_ON']='true';~~
120		~~$aa_PP['ROOT_HTACCESS_RULES']=array('',~~
121		~~'<IfModule mod_rewrite.c>',~~
122		~~'RewriteEngine On',~~
123		~~'RewriteBase /',~~
124		~~'');~~
125		~~} else $aa_PP['ROOT_HTACCESS_ON']='false';~~
126
127		~~if(isset($_POST['sid1015'])) {~~
128		~~$aa_PP['S']['sid1015']['ON']='true';~~
129		~~$aa_PP['S']['sid1015']['RULES']=array('# sid1015',~~
130		~~'RewriteCond %{REQUEST_METHOD} !^(GET\|POST\|OPTIONS\|PUT\|HEAD)$ [NC]',~~
131		~~'RewriteRule .* - [F,L]','# sid1015');~~
132		~~$aa_PP['ROOT_HTACCESS_RULES']=array_merge($aa_PP['ROOT_HTACCESS_RULES'],$aa_PP['S']['sid1015']['RULES']);~~
133		~~} else $aa_PP['S']['sid1015']['ON']='false';~~
134
135
136
137
138		~~if(isset($_POST['sid1030'])) {~~
139		~~$aa_PP['S']['sid1030']['ON']='true';~~
140		~~$aa_PP['S']['sid1030']['RULES']=array('# sid1030',~~
141		~~'RewriteCond %{HTTPS} !=on [NC]',~~
142		~~'RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]','# sid1030');~~
143		~~$aa_PP['S']['sid1030']['RULES']=array_merge($aa_PP['ROOT_HTACCESS_RULES'],$aa_PP['S']['sid1030']['RULES']);~~
144		~~} else $aa_PP['S']['sid1030']['ON']='false';~~
145
146
147
148		~~if(isset($_POST['sid1000'])) {~~
149		~~$aa_PP['S']['sid1000']['ON']='true';~~
150		~~$aa_PP['S']['sid1000']['RULES']=array('# sid1000',~~
151		~~'RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ '.$aa_PP['root_path'].'wp-content/.*$ [NC]',~~
152		~~'RewriteCond %{REQUEST_FILENAME} ^.+\.php$',~~
153		~~'RewriteRule .* - [F,NS]','# sid1000');~~
154		~~$aa_PP['ROOT_HTACCESS_RULES']=array_merge($aa_PP['ROOT_HTACCESS_RULES'],$aa_PP['S']['sid1000']['RULES']);~~
155		~~} else $aa_PP['S']['sid1000']['ON']='false';~~
156
157		~~if(isset($_POST['sid1010'])) {~~
158		~~$aa_PP['S']['sid1010']['ON']='true';~~
159		~~$aa_PP['S']['sid1010']['RULES']=array('# sid1010',~~
160		~~'RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ '.$aa_PP['root_path'].'wp-includes/.*$ [NC]',~~
161		~~'RewriteCond %{REQUEST_FILENAME} ^.+\.php$',~~
162		~~'RewriteRule .* - [F,NS]','# sid1010');~~
163		~~$aa_PP['ROOT_HTACCESS_RULES']=array_merge($aa_PP['ROOT_HTACCESS_RULES'],$aa_PP['S']['sid1010']['RULES']);~~
164		~~} else $aa_PP['S']['sid1010']['ON']='false';~~
165
166		~~if($aa_PP['ROOT_HTACCESS_ON']=='true'){~~
167		~~$aa_PP['ROOT_HTACCESS_RULES'][]='';~~
168		~~$aa_PP['ROOT_HTACCESS_RULES'][]='</IfModule>';~~
169		~~$aa_PP['ROOT_HTACCESS_RULES'][]='';~~
170		}
171
172
173		~~if(isset($_POST['sid1005'])) {~~
174		~~$aa_PP['S']['sid1005']['ON']='true';~~
175		~~$aa_PP['S']['sid1005']['RULES']=array('# sid1005',~~
176		~~'<Files wp-login.php>',~~
177		~~'Order Deny,Allow',~~
178		~~'Deny from All',~~
179		~~'Satisfy Any',~~
180		~~'AuthName "'.$aa_PP['realm'].'"',~~
181		~~'AuthUserFile '.$aa_PP['htpasswd'],~~
182		~~'AuthType Basic',~~
183		~~'Require valid-user',~~
184		~~'</Files>','# sid1005');~~
185		~~$aa_PP['ROOT_HTACCESS_RULES']=array_merge($aa_PP['ROOT_HTACCESS_RULES'],$aa_PP['S']['sid1005']['RULES']);~~
186		~~} else $aa_PP['S']['sid1005']['ON']= 'false';~~
187
188		~~if(isset($_POST['sid1025'])) {~~
189		~~$aa_PP['S']['sid1025']['ON']='true';~~
190		~~$aa_PP['S']['sid1025']['RULES']=array('# sid1025',~~
191		~~'Options -Indexes',~~
192		~~'DirectoryIndex '.$aa_PP['root_path'].'index.php','# sid1025');~~
193		~~$aa_PP['ROOT_HTACCESS_RULES']=array_merge($aa_PP['ROOT_HTACCESS_RULES'],$aa_PP['S']['sid1025']['RULES']);~~
194		~~} else $aa_PP['S']['sid1025']['ON']='false';~~
195
196
197
198		~~if($aa_PP['ROOT_HTACCESS_ON']=='true'){~~
199		~~$aa_PP['ROOT_HTACCESS_RULES'][]='';~~
200
201		~~if(!aa_pp_insert_mark($aa_PP['ROOT_HTACCESS'], 'AskApache PassPro', $aa_PP['ROOT_HTACCESS_RULES'])) die("Couldnt create ".$aa_PP['ROOT_HTACCESS']." file!");~~
202
203		}
204
205
206
207		~~if(isset($_POST['sid900'])) {~~
208		~~@ aa_pp_unlink($aa_PP['S']['sid900']['FILE']);~~
209		~~$aa_PP['S']['sid900']['RULES']=array('# sid900',~~
210		~~'Order Deny,Allow',~~
211		~~'Deny from All',~~
212		~~'AuthName "'.$aa_PP['realm'].'"',~~
213		~~'AuthUserFile '.$aa_PP['htpasswd'],~~
214		~~'AuthType Basic',~~
215		~~'Require valid-user',~~
216		~~'',~~
217		~~'<FilesMatch "\.(ico\|pdf\|flv\|jpg\|jpeg\|png\|gif\|swf\|css\|js)$">',~~
218		~~'Allow from All',~~
219		~~'</FilesMatch>',~~
220		~~'',~~
221		~~'<Files async-upload.php>',~~
222		~~'Allow from All',~~
223		~~'</Files>',~~
224		~~'Satisfy Any','# sid900');~~
225		~~if(!aa_pp_insert_mark($aa_PP['S']['sid900']['FILE'], 'AskApache PassPro', $aa_PP['S']['sid900']['RULES'])) die("Couldnt create ".$aa_PP['S']['sid900']['FILE']." file!");~~
226		~~else $aa_PP['S']['sid900']['ON']='true';~~
227		~~} else {~~
228		~~@ aa_pp_unlink($aa_PP['S']['sid900']['FILE']);~~
229		~~$aa_PP['S']['sid900']['ON']='false';~~
230		}
231
232		~~if($aa_PP['change_htpasswd']=='1' && strlen($_POST['htaccesspass'])>1){~~
233		~~@ aa_pp_unlink($aa_PP['htpasswd']);~~
234		~~$aa_PP['HTPASSWD_RULES']=array(aa_pp_hashit($aa_PP['format'],$aa_PP['user'],$_POST['htaccesspass']));~~
235
236		~~if(!aa_pp_insert_mark($aa_PP['htpasswd'],'AskApache PassPro',$aa_PP['HTPASSWD_RULES'])) die('Error Creating '.$aa_PP['htpasswd']);~~
237		~~else {~~
238		~~$aa_PP['change_htpasswd']='0';~~
239		~~if($aa_PP['ROOT_HTACCESS_ON']=='false')~~
240		~~if($aa_PP['config_step']=='2'){~~
241		~~if(aa_pp_notify_mail($aa_PP['user'],$_POST['htaccesspass']))echo '<h2>Sent Copy of old .htaccess to you</h2>';~~
242		}
243		}
244		}
245
246
247
248		~~if(isset($_POST['aapptestingdone']))$aa_PP['config_step']='2';~~
249		~~if(isset($_POST['aappsetupcomplete']))$aa_PP['config_step']='3';~~
250
251	292	}
252	293	update_option('askapache_password_protect',$aa_PP);
…	…
263	304
264	305	if (! user_can_access_admin_page()) die( __('You do not have sufficient permissions to access this page.') );
265		if (~~function_exists('current_user_can')&&~~!current_user_can(8)\|\|!current_user_can('upload_files'))die(__("You are not allowed to be here"));
	306	if (!current_user_can(8)\|\|!current_user_can('upload_files'))die(__("You are not allowed to be here"));
266	307	?>
267	308
268	309
269		<p style="text-align:center; font-size:1.1em; ~~background-color:#E4F2FD; border-top:1px solid #CCC~~; padding-top:10px; border-bottom:1px solid #CCC; padding-bottom:10px;"><?php echo $aa_PP['plugin_data']['Title'];?> <strong><?php echo $aa_PP['plugin_data']['Version'];?></strong> by <?php echo $aa_PP['plugin_data']['Author'];?>   \|  <a href="http://www.askapache.com/seo/404-google-wordpress-plugin.html">Google 404 Plugin</a> - <a href="http://www.askapache.com/htaccess/apache-htaccess.html">.htaccess tutorial</a> - <a href="http://www.htaccesselite.com/">.htaccess help forum</a> </p><hr style="visibility:hidden;" />
	310	<p style="text-align:center; font-size:1.1em; margin-top:0; background-color:#E4F2FD; padding-top:10px; border-bottom:1px solid #CCC; padding-bottom:10px;"><?php echo $aa_PP['plugin_data']['Title'];?> <strong><?php echo $aa_PP['plugin_data']['Version'];?></strong> by <?php echo $aa_PP['plugin_data']['Author'];?>   \|  <a href="http://www.askapache.com/seo/404-google-wordpress-plugin.html">Google 404 Plugin</a> - <a href="http://www.askapache.com/htaccess/apache-htaccess.html">.htaccess tutorial</a> - <a href="http://www.htaccesselite.com/">.htaccess help forum</a> </p><hr style="visibility:hidden;" />
270	311
271	312	<div class="wrap" style="min-width:600px;">
272	313	<h2><?php echo $aa_PP['plugin_data']['Name']; ?></h2>
	314	<br />
	315	<?php if($aa_PP['config_step']!='1'){?><div class="updated" id="message" style="margin:.25em auto 0 auto;"><p>NOTE: This is an incredibly powerful plugin as it modifies your server as opposed to modifying wordpress. This can easily take your site down. If you experience a bad error, delete the .htaccess files on the server using ftp, ssh, webftp, contact support, etc.. If everything works, you will love this plugin and what it will do for you.</p></div><?php }?>
273	316	<form action="<?php echo attribute_escape($_SERVER["REQUEST_URI"]); ?>" method="post"><?php wp_nonce_field('askapache-password-protect-update_modify'); ?>
274		<?php if($aa_PP['config_step']!='1'){?><div class="updated fade-3366CC" id="message"><p>NOTE: This is an incredibly powerful plugin as it modifies your server as opposed to modifying wordpress. This can easily take your site down, so check for .htaccess support first. If you experience a bad error, delete the .htaccess files on the server using ftp, ssh, webftp, contact support, etc..</p></div><?php }?>
275	317
276	318
…	…
278	320	if(AA_PP_DEBUG){
279	321	echo '<pre>';
280		print_r($aa_PP);$g=aa_pp_extract_mark(ABSPATH.'.htaccess','WordPress');print_r($g);
281		if(function_exists('apache_get_modules'))print_r(apache_get_modules());
282		ob_start();phpinfo(8);$g=ob_get_clean();echo $g;
	322	print_r($aa_PP);
	323	//$g=aa_pp_extract_mark($aa_PP['blog_root_htaccess'],'WordPress');print_r($g);
	324	//if(function_exists('apache_get_modules'))print_r(apache_get_modules());
	325	//ob_start();phpinfo(8);$g=ob_get_clean();echo $g;
283	326	echo '</pre>';
284	327	}
…	…
292	335
293	336	if($aa_PP['htaccess_support']=='0' \|\| AA_PP_DEBUG){
294		aa_pp_~~test_algorithm~~s();
	337	aa_pp_run_tests();
295	338	} else {
296		aa_pp_~~test_algorithm~~s();
	339	aa_pp_run_tests();
297	340	}
298	341	?>
…	…
314	357	<legend>Installation</legend><hr style="visibility:hidden;padding-top:.5em;clear:both;" />
315	358	<h3>Create User and Pass for .htpasswd</h3>
	359	<p style="width:300px;"><label>Protect Admin Folder Immediately? <input style="width:auto" class="checkbox" type="checkbox" name="sid900" id="sid900" checked="checked" /></label></p>
316	360	<p><label>Pop-Up Message <em>Auth-Name / Realm</em>:<br /><input id="htaccessrealm" name="htaccessrealm" size="50" type="text" style="font-size:16px;" value="<?php echo $aa_PP['realm']; ?>" /></label></p>
317	361	<p><label>Username:<br /><input id="htaccessuser" name="htaccessuser" size="16" type="text" style="font-size:16px;" value="<?php echo $aa_PP['user']; ?>" /></label></p>
318	362	<p><label>Password:<br /><input id="htaccesspass" name="htaccesspass" size="16" type="text" style="font-size:16px;" value="" /></label></p>
319	363	<?php aa_pp_show_encryptions('.htpasswd Encryption Settings:',0); ?>
	364	<p>Try to pick an .htpasswd location above your document_root, in other words, not in site.com/htdocs/.htpasswda1 but site.com/.htpasswda1</p>
320	365	<p><label>.htpasswd location:<br /><input id="htpasswdfile" name="htpasswdfile" size="16" type="text" style="font-size:10px;" value="<?php echo $aa_PP['htpasswd']; ?>" /></label></p>
321	366
322		<p class="submit"><label><br /><input name="aappsetupcomplete" id="aappsetupcomplete" value="<?php _e('~~Add User~~ »'); ?>" type="submit" class="button valinp" /></label></p>
	367	<p class="submit"><label><br /><input name="aappsetupcomplete" id="aappsetupcomplete" value="<?php _e('Submit Settings »'); ?>" type="submit" class="button valinp" /></label></p>
323	368	<h4>AskApache PassPro Encryption Algorithm Descriptions</h4>
324	369	<p><strong>CRYPT</strong><?php echo $aa_PP['algorithms']['CRYPT']['desc'];?></p>
…	…
336	381	?>
337	382
338		<hr style="visibility:hidden;padding-top:.5em;clear:both;" />
339
340		<fieldset class="dbx-box"><div class="dbx-h-andle-wrapper"><h3 class="dbx-handle">Configurable .htaccess Security Modules</h3></div><div class="dbx-c-ontent-wrapper"><div class="dbx-content">
	383
	384	<hr style="visibility:hidden;padding-top:.5em;clear:both;" /><div id="your-profile">
	385	<fieldset id="information" style="width:33%; float:left;">
	386	<legend>Modify Main Password Settings</legend>
	387	<p><label>Auth Name:<br /><input id="htaccessrealm" name="htaccessrealm" size="50" type="text" style="font-size:15px;" value="<?php echo $aa_PP['realm']; ?>" /></label></p>
	388	<p><label>.htpasswd location:<br /><input id="htpasswdfile" name="htpasswdfile" size="16" type="text" style="font-size:10px;" value="<?php echo $aa_PP['htpasswd']; ?>" /></label></p>
	389
	390	<p><label><br /><input name="changepasswordsettings" id="changepasswordsettings" value="<?php _e('Change Password Settings »'); ?>" type="submit" class="button valinp" /></label></p>
	391	<?php if($_SERVER['REQUEST_METHOD']!='GET') {?><span style="visibility:hidden;overflow:hidden;display:block;width:1px;height:1px;background-image:url('askapache-<?php echo rand(1,1000);?>-.bmp');"></span><?php }?>
	392	</fieldset>
	393
	394	<fieldset id="contact-info" style="width:23%; float:left;">
	395	<legend>Add User</legend>
	396	<p><label>Username:<br /><input id="addhtaccessuser" name="addhtaccessuser" size="50" type="text" style="font-size:16px;" value="<?php if(isset($_POST['addhtaccessuser']))echo $_POST['addhtaccessuser']; ?>" /></label></p>
	397	<p><label>Password:<br /><input id="addhtaccesspass" name="addhtaccesspass" size="50" type="text" style="font-size:16px;" value="<?php if(isset($_POST['addhtaccesspass']))echo $_POST['addhtaccesspass']; ?>" /></label></p>
	398	<?php aa_pp_show_encryptions('.htpasswd Encryption Settings:',0); ?>
	399	<p><label><br /><input name="adduser" id="adduser" value="<?php _e('Add User »'); ?>" type="submit" class="button valinp" /></label></p>
	400	</fieldset>
	401
	402	<?php $currentusersnow=aa_pp_current_users($aa_PP['htpasswd'],'AskApache PassPro');?>
	403	<table class="widefat" style="clear:none; width:23%; float:left; margin-top:25px;">
	404	<thead><tr>
	405	<th width="100%">Username</th>
	406	</tr></thead>
	407	<tbody id="the-list">
	408	<?php
	409	$countusrs=0;
	410	foreach($currentusersnow as $aauser2){
	411	$countusrs++;?>
	412	<tr id="l-<?php echo $countusrs; ?>" valign="middle"><td><?php echo $aauser2; ?><br /></td></tr>
	413	<?php } ?>
	414	</tbody></table>
	415	<hr style="visibility:hidden;padding-top:.25em;clear:both;" />
	416	<hr style="visibility:hidden;clear:both;" /></div><hr style="visibility:hidden;clear:both;" />
	417
	418
	419
	420
	421
	422
	423	<hr style="visibility:hidden;padding-top:.5em;clear:both;" />
	424	<fieldset class="dbx-box"><div class="dbx-h-andle-wrapper"><h3 class="dbx-handle">Manage .htaccess Security Modules</h3></div><div class="dbx-c-ontent-wrapper"><div class="dbx-content">
341	425	<table class="widefat">
342	426	<thead><tr>
…	…
356	440	<td><?php echo $sid['DESC'];?></td>
357	441	<td><?php echo $sid['RESP'];?></td>
358		<td align='center'><input type="checkbox" name="<?php echo $n;?>" id="<?php echo $n;?>" <?php if($sid['ON']=='~~true~~')echo 'checked="checked" ';
	442	<td align='center'><input type="checkbox" name="<?php echo $n;?>" id="<?php echo $n;?>" <?php if($sid['ON']=='1')echo 'checked="checked" ';
359	443	if($n=='sid1030' && strtolower($_SERVER['HTTPS'])!='on')echo 'disabled="disabled" ';?> /></td>
360	444	</tr>
…	…
365	449	</tbody></table>
366	450	<p><label><br /><input name="updatemodules" id="updatemodules" value="<?php _e('Update Modules »'); ?>" type="submit" class="button valinp" /></label></p>
	451	<p><label><br /><input name="resetaapp" id="resetaapp" value="Reset All »" type="submit" class="button valinp" /></label></p>
367	452	<p>New modules added with every upgrade. Submit your module suggestions/bugs <a href="http://www.askapache.com/about/contact/">here</a>.</p>
368	453	</div></div></fieldset>
369
370		<hr style="visibility:hidden;padding-top:.5em;clear:both;" /><div id="your-profile">
371		<fieldset id="information" style="width:43%; float:left;">
372		<legend>Modify .htaccess User</legend>
373		<p><label>Auth Name:<br /><input id="htaccessrealm" name="htaccessrealm" size="50" type="text" style="font-size:15px;" value="<?php echo $aa_PP['realm']; ?>" /></label></p>
374		<p><label>Username:<br /><input id="htaccessuser" name="htaccessuser" size="50" type="text" style="font-size:16px;" value="<?php echo $aa_PP['user']; ?>" /></label></p>
375		<p><label>Password:<br /><input id="htaccesspass" name="htaccesspass" size="50" type="text" style="font-size:16px;" value="<?php if(isset($_POST['htaccesspass']))echo $_POST['htaccesspass']; ?>" /></label></p>
376		<?php aa_pp_show_encryptions('.htpasswd Encryption Settings:',0); ?>
377		<p><label>.htpasswd location:<br /><input id="htpasswdfile" name="htpasswdfile" size="16" type="text" style="font-size:10px;" value="<?php echo $aa_PP['htpasswd']; ?>" /></label></p>
378
379		<p><label><br /><input name="modifyuser" id="modifyuser" value="<?php _e('Modify .htaccess User »'); ?>" type="submit" class="button valinp" /></label></p>
380		<?php if($_SERVER['REQUEST_METHOD']!='GET') {?><span style="visibility:hidden;overflow:hidden;display:block;width:1px;height:1px;background-image:url('askapache-<?php echo rand(1,1000);?>-.bmp');"></span><?php }?>
381		</fieldset>
382
383
384		<fieldset id="contact-info" style="width:33%; float:left;">
385		<legend>Multi-Users.. Coming Soon</legend>
386		<table class="widefat">
387		<thead><tr>
388		<th width="35%">Username</th>
389		<th width="35%">Password</th>
390		<th style="text-align: center">enabled</th>
391		</tr></thead>
392
393		<tbody id="the-list">
394		<tr id="l-1" valign="middle">
395		<td><?php echo $aa_PP['user']; ?><br /></td>
396		<td><?php echo $aa_PP['format']; ?></td>
397		<td align='center'>Yes</td>
398		</tr>
399
400
401		</tbody></table>
402		<hr style="visibility:hidden;padding-top:.25em;clear:both;" /></fieldset><hr style="visibility:hidden;clear:both;" /></div><hr style="visibility:hidden;clear:both;" />
	454
	455
	456
	457
	458
	459
	460
	461	<hr style="visibility:hidden;padding-top:1.5em;clear:both;" />
403	462	<h3>Delete .htaccess files if you ever have a problem.</h3>
404	463	<div id="advancedstuff" class="dbx-group" style="min-width:300px;">
…	…
408	467	</div></div></fieldset><hr style="visibility:hidden;clear:both;padding-top:.25em;" />
409	468
410		<?php if($aa_PP['S']['sid900']['ON']=='~~true~~'){?>
	469	<?php if($aa_PP['S']['sid900']['ON']=='1'){?>
411	470	<fieldset class="dbx-box"><div class="dbx-h-andle-wrapper"><h3 class="dbx-handle">View wp-admin .htaccess</h3></div><div class="dbx-c-ontent-wrapper"><div class="dbx-content">
412	471	<p class="desc"><?php echo $aa_PP['S']['sid900']['FILE']; ?><br style="clear:both;" /></p>
…	…
415	474	<?php } ?>
416	475
417		<?php if($aa_PP['~~ROOT_HTACCESS_ON']=='true~~'){?>
	476	<?php if($aa_PP['mod_rewrite_on']=='1'){?>
418	477	<fieldset class="dbx-box"><div class="dbx-h-andle-wrapper"><h3 class="dbx-handle">View root .htaccess</h3></div><div class="dbx-c-ontent-wrapper"><div class="dbx-content">
419		<p class="desc"><?php echo $aa_PP['~~ROOT_HTACCESS~~']; ?><br style="clear:both;" /></p>
420		<pre style="width:80%; margin-left:2em; overflow:auto;"><?php aa_pp_readfile($aa_PP['~~ROOT_HTACCESS~~']); ?></pre>
	478	<p class="desc"><?php echo $aa_PP['blog_root_htaccess']; ?><br style="clear:both;" /></p>
	479	<pre style="width:80%; margin-left:2em; overflow:auto;"><?php aa_pp_readfile($aa_PP['blog_root_htaccess']); ?></pre>
421	480	</div></div></fieldset><hr style="visibility:hidden;clear:both;padding-top:.25em;" />
422	481	<?php } ?>
…	…
473	532	?>
474	533	<p><label><?php _e($label); ?><br />
475		<input id="aapassformat~~1" name="aapassformat1~~" type="hidden" value="<?php echo $aa_PP['format']; ?>" /></label></p>
	534	<input id="aapassformat" name="aapassformat" type="hidden" value="<?php echo $aa_PP['format']; ?>" /></label></p>
476	535	<ul>
477		<li><label><input class="valinp" name="aapassformat1" id="aapassformatcrypt" type="radio" value="CRYPT" <?php if($aa_PP['format']=='CRYPT')echo 'checked="checked"';
	536	<li><label><input class="valinp" name="aapassformat" id="aapassformatcrypt" type="radio" value="CRYPT" <?php if($aa_PP['format']=='CRYPT')echo 'checked="checked"';
478	537	elseif($aa_PP['algorithms']['CRYPT']['enabled']!='1')echo 'disabled="disabled"'; ?> /> <strong>CRYPT</strong>
479	538	<?php echo $aa_PP['algorithms']['PLAIN']['desc'];?></label></li>
480		<li><label><input class="valinp" name="aapassformat1" id="aapassformatsha1" type="radio" value="SHA1" <?php if($aa_PP['format']=='SHA1')echo 'checked="checked"';
	539	<li><label><input class="valinp" name="aapassformat" id="aapassformatsha1" type="radio" value="SHA1" <?php if($aa_PP['format']=='SHA1')echo 'checked="checked"';
481	540	elseif($aa_PP['algorithms']['SHA1']['enabled']!='1')echo 'disabled="disabled"'; ?> /> <strong>SHA1</strong>
482	541	<?php echo $aa_PP['algorithms']['PLAIN']['desc'];?></label></li>
483		<li><label><input class="valinp" name="aapassformat1" id="aapassformatmd5" type="radio" value="MD5" <?php if($aa_PP['format']=='MD5')echo 'checked="checked"';
	542	<li><label><input class="valinp" name="aapassformat" id="aapassformatmd5" type="radio" value="MD5" <?php if($aa_PP['format']=='MD5')echo 'checked="checked"';
484	543	elseif($aa_PP['algorithms']['MD5']['enabled']!='1')echo 'disabled="disabled"'; ?> /> <strong>MD5</strong>
485	544	<?php echo $aa_PP['algorithms']['PLAIN']['desc'];?></label></li>
486		<li><label><input class="valinp" name="aapassformat1" id="aapassformatplain" type="radio" value="PLAIN" <?php if($aa_PP['format']=='PLAIN')echo 'checked="checked"';
	545	<li><label><input class="valinp" name="aapassformat" id="aapassformatplain" type="radio" value="PLAIN" <?php if($aa_PP['format']=='PLAIN')echo 'checked="checked"';
487	546	elseif($aa_PP['algorithms']['PLAIN']['enabled']!='1')echo 'disabled="disabled"'; ?> /> <strong>PLAIN TEXT</strong>
488	547	<?php echo $aa_PP['algorithms']['PLAIN']['desc'];?></label></li>
…	…
492	551	}
493	552
	553
	554
	555
	556	function aa_pp_current_users($HTPASS, $mark){
	557	$CURRENT_USERS=array();
	558	$cu=array();
	559	@ $cu=aa_pp_extract_mark($HTPASS, $mark);
	560	if(is_array($cu) && sizeof($cu)>0){
	561	foreach($cu as $key){
	562	$CURRENT_USERS[]=preg_replace('/(.+):(.+)/', "\\1", $key, 1);
	563	}
	564	}
	565	return $CURRENT_USERS;
	566	}
494	567
495	568
…	…
535	608
536	609	// aa_pp_readfile
537		function aa_pp_readfile($fn){
	610	function aa_pp_readfile($fn,$g=0){
538	611	if(file_exists($fn) && filesize($fn)>0) {
539	612	if(!$f = @fopen($fn, 'rb'))return false;
540	613	$filecontent = fread($f, filesize($fn));
541		$filecontent = htmlspecialchars($filecontent);
542		}
543		else $filecontent = 'file does not exist!';
544		if(fclose($f))echo $filecontent;
	614	}else return false;
	615	if(fclose($f)){
	616	if($g!==0)return $filecontent;
	617	else echo htmlspecialchars($filecontent);
	618	}
545	619	}
546	620
…	…
562	636
563	637
564		function aa_pp_test_algorithms(){
565		global $aa_PP;
566		$e='eNqFUU1PwkAQvTfpfxgbDnCgQ40nKIsIGEhQG60HT2RpV7bhY9fdIRV/vdtSEi/E05vMvDdvJi8'.
567		'eaanB99R6ZYkbancGvncvBc+FaQfzNE0wCiO460UwPpJUpvjhVKgDvIqvY2FEHnQG8EfxRpyOtv+vYMR'.
568		'8L76ZvkzSj2QG8/RpCcn7w3IxgaCLuJilj4jTdHqe3IY9xNlzUGkk7Xc1OsMKqaCdYNftYjwzHBUvmrX'.
569		'KT/WOiF0TuZEjaJYYRSIjkcP6BDEHacTnMJBEuo9YlmXI7ZZrnkkRZmqPpTK5NsJalMSzzBVdza2t2l1'.
570		'9XhVWHwRsbLfjWgdJQ4DGyx0SI2cx6vroy7F4+bxKzPdam6HLbCNole0EP9S5iUwqaG2q6rugBurJiP0CaXaZXQ==';
571		$t='eNrj5bKxL8go4OVyyEhNTEkt0lByzs8rSc0r0Q2pLEi1UsjMTUxP1U/PTFPStMaiyCc1L70kw0rBxBIsn5qcka9'.
572		'QkJicraHkoaWko2RibmJpYmZsYWxpZmhgaGAAwpYgGgrSkABExMgwzdLAxMDU0ATEAaJkuGKofrC4kakJiG2cBLG2IrMESmmA+PZ2AEyvN7w=';
573
574		$TRp=aa_pp_mktempdir(ABSPATH.'wp-content'.DIRECTORY_SEPARATOR, 'askapache');
575		$TRpb=$aa_PP['root_path'].basename($TRp).DIRECTORY_SEPARATOR;
576		$td=$aa_PP['root_path'].'wp-content'.DIRECTORY_SEPARATOR.basename($TRp).DIRECTORY_SEPARATOR.'test.php';
577
578		$TRp1=aa_pp_mktempdir(ABSPATH.'wp-content'.DIRECTORY_SEPARATOR, 'askapache');
579		$TRpb1=$aa_PP['root_path'].basename($TRp1).DIRECTORY_SEPARATOR;
580		$td1=$aa_PP['root_path'].'wp-content'.DIRECTORY_SEPARATOR.basename($TRp1).DIRECTORY_SEPARATOR.'test.php';
581
582
583		$g=array(
584		aa_pp_hashit('CRYPT','testCRYPT','testCRYPT'),
585		aa_pp_hashit('MD5','testMD5','testMD5'),
586		aa_pp_hashit('SHA1','testSHA1','testSHA1'),
587		aa_pp_hashit('PLAIN','testPLAIN','testPLAIN'));
588
589		if(!aa_pp_insert_mark("$TRp".DIRECTORY_SEPARATOR.".htpasswda1", 'Test', $g)) die("Error Creating $TRp .htpasswda1 Test files!");
590
591		$t1=gzuncompress(base64_decode($e));
592		if(AA_PP_DEBUG){aa_pp_mess('Test File 401.php');aa_pp_mess('<pre>'.htmlentities($t1).'</pre>');}
593		if(!aa_pp_file_put_c("$TRp".DIRECTORY_SEPARATOR."401.php",$t1)) die("Error Creating test pages for HTTP Authentication Enabled Test files!");
594		if(!aa_pp_file_put_c("$TRp1".DIRECTORY_SEPARATOR."401.php",$t1)) die("Error Creating test pages for HTTP Authentication Enabled Test files!");
595
596		$t2=ltrim(gzuncompress(base64_decode($t)));
597		if(AA_PP_DEBUG){aa_pp_mess('Test File test.php');aa_pp_mess('<pre>'.htmlentities($t2).'</pre>');}
598		if(!aa_pp_file_put_c("$TRp".DIRECTORY_SEPARATOR."test.php",$t2)) die("Error Creating $TRp test.php for HTTP Authentication Enabled Test files!");
599		if(!aa_pp_file_put_c("$TRp1".DIRECTORY_SEPARATOR."test.php",$t2)) die("Error Creating test pages for HTTP Authentication Enabled Test files!");
600
601		$htaccessrules=array(
602		"DirectoryIndex ".$TRpb."401.php 401.php",
603		"ErrorDocument 401 ".$TRpb."401.php",
604		"ErrorDocument 403 ".$TRpb."401.php",
605		'Order Deny,Allow',
606		'Deny from All',
607		'Satisfy Any',
608		'AuthName "askapache test"',
609		"AuthUserFile $TRp".DIRECTORY_SEPARATOR.".htpasswda1",
610		"AuthType Basic",
611		"Require valid-user");
612
613		$htaccessrules1=array(
614		"DirectoryIndex ".$TRpb1."401.php 401.php",
615		"ErrorDocument 401 ".$TRpb1."401.php",
616		"ErrorDocument 403 ".$TRpb1."401.php",
617		"<IfModule mod_rewrite.c>",
618		"RewriteEngine On",
619		"RewriteBase /",
620		'RewriteCond %{QUERY_STRING} !^$ [NC]',
621		'RewriteRule .* /? [R,L]',
622		"</IfModule>");
623
624		if(!aa_pp_insert_mark("$TRp".DIRECTORY_SEPARATOR.".htaccess", 'Test', $htaccessrules)) die("Couldnt create $TRp".DIRECTORY_SEPARATOR.".htaccess file!");
625		if(!aa_pp_insert_mark("$TRp1".DIRECTORY_SEPARATOR.".htaccess", 'Test', $htaccessrules1)) die("Couldnt create $TRp1".DIRECTORY_SEPARATOR.".htaccess file!");
626
627		$rv=aa_pp_test_userpass(" "," ",$td1."?Q");
628		echo "<h3>Testing server for mod_rewrite capability";if($rv=='302')echo ' <strong style="color:green;">[ GOOD!! ]</strong>';else echo ' <strong style="color:red;">[ BAD!! ]</strong>';echo "</h3>";
629		echo '<p>Test returned: <a href="http://www.askapache.com/htaccess/apache-status-code-headers-errordocument.html#status-'.$rv.'">'.$rv;
630		if(function_exists('get_status_header_desc'))echo ' '.get_status_header_desc($rv); echo '</a></p>';
631
632		foreach($aa_PP['algorithms'] as $key=>$value){
633		$rg=aa_pp_test_userpass("test".$key,"test".$key,$td);
634		$rb=aa_pp_test_userpass("fail".$key,"fail".$key,$td);
635		sleep(1);
636
637		if($rb=='401'){
638		$aa_PP['algorithms'][$key]['enabled']='1';
639		$aa_PP['htaccess_support']='1';
640		} else $aa_PP['algorithms'][$key]['enabled']='0';
641
642		if($rg=='200'){
643		$aa_PP['algorithms'][$key]['enabled']='1';
644		$aa_PP['htaccess_support']='1';
645		} else $aa_PP['algorithms'][$key]['enabled']='0';
646
647		echo "<h3>Testing server for $key encryption capability";if($aa_PP['algorithms'][$key]['enabled']=='1')echo ' <strong style="color:green;">[ GOOD!! ]</strong>';else echo ' <strong style="color:red;">[ BAD!! ]</strong>';echo "</h3>";
648
649		if($rg=='500' \|\| $rb=='500')$aa_PP['htaccess_support']='0';
650		echo '<p>Test returned: <a href="http://www.askapache.com/htaccess/apache-status-code-headers-errordocument.html#status-'.$rg.'">'.$rg;
651		if(function_exists('get_status_header_desc'))echo ' '.get_status_header_desc($rg); echo '</a></p>';
652		echo '<p>Status Code Returned for BAD Test: <a href="http://www.askapache.com/htaccess/apache-status-code-headers-errordocument.html#status-'.$rb.'">'.$rb;
653		if(function_exists('get_status_head