1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
package main
import (
"bytes"
"database/sql"
"net/http"
"regexp"
"strings"
_ "github.com/lib/pq"
"github.com/simia-tech/crypt"
"golang.org/x/text/encoding/japanese"
"golang.org/x/text/transform"
)
const SaltTable = "" +
"................................" +
".............../0123456789ABCDEF" +
"GABCDEFGHIJKLMNOPQRSTUVWXYZabcde" +
"fabcdefghijklmnopqrstuvwxyz....." +
"................................" +
"................................" +
"................................" +
"................................"
func TripCode(pass string) string {
pass = TripCodeConvert(pass)
var salt [2]rune
s := []rune(pass + "H..")[1:3]
for i, r := range s {
salt[i] = rune(SaltTable[r%256])
}
enc, err := crypt.Crypt(pass, "$1$"+string(salt[:]))
CheckError(err, "crypt broke")
return enc[len(enc)-10 : len(enc)]
}
func TripCodeSecure(pass string) string {
pass = TripCodeConvert(pass)
enc, err := crypt.Crypt(pass, "$1$"+Salt)
CheckError(err, "crypt secure broke")
return enc[len(enc)-10 : len(enc)]
}
func TripCodeConvert(str string) string {
var s bytes.Buffer
transform.NewWriter(&s, japanese.ShiftJIS.NewEncoder()).Write([]byte(str))
re := strings.NewReplacer(
"&", "&",
"\"", """,
"<", "<",
">", ">",
)
return re.Replace(s.String())
}
func CreateNameTripCode(r *http.Request, db *sql.DB) (string, string) {
input := r.FormValue("name")
tripSecure := regexp.MustCompile("##(.+)?")
if tripSecure.MatchString(input) {
chunck := tripSecure.FindString(input)
chunck = strings.Replace(chunck, "##", "", 1)
ce := regexp.MustCompile(`(?i)Admin`)
admin := ce.MatchString(chunck)
board, modcred := GetPasswordFromSession(r)
if admin && HasAuth(db, modcred, board) {
return tripSecure.ReplaceAllString(input, ""), "#Admin"
}
hash := TripCodeSecure(chunck)
return tripSecure.ReplaceAllString(input, ""), "!!" + hash
}
trip := regexp.MustCompile("#(.+)?")
if trip.MatchString(input) {
chunck := trip.FindString(input)
chunck = strings.Replace(chunck, "#", "", 1)
ce := regexp.MustCompile(`(?i)Admin`)
admin := ce.MatchString(chunck)
board, modcred := GetPasswordFromSession(r)
if admin && HasAuth(db, modcred, board) {
return trip.ReplaceAllString(input, ""), "#Admin"
}
hash := TripCode(chunck)
return trip.ReplaceAllString(input, ""), "!" + hash
}
return input, ""
}
|
