source: cgi-scripts/htpasswd-adduser@ 239

Last change on this file since 239 was 213, checked in by Rick van der Zwet, 14 years ago

Modeled over dovecat-changepw, but now for new user accounts.

  • Property svn:executable set to *
File size: 3.0 KB
Line 
1#!/usr/bin/perl -w
2#
3# $Id$
4#
5# Simple CGI script to change your password, currently 'configured'
6# for dovecotpw, but could easy be ported to something else.
7#
8# License: BSDLike
9# Rick van der Zwet <info@rickvanderzwet.nl>
10
11# WARNING: Fail safe switch
12# WARNING: CHANGE ME TO A STATIC STRING ELSE I FAIL TO WORK
13$STATIC_AUTH_KEY= rand(100000);
14
15use CGI;
16$q = CGI->new;
17
18$MIN_PASSWD_LENGTH=8;
19
20$PASSWDFILE='/usr/local/www/eurobsdcon2011/.htpasswd';
21$HTPASSWD='/usr/local/sbin/htpasswd';
22
23
24if (! -w $PASSWDFILE || ! -x $HTPASSWD) {
25 print $q->header(-status=>$error);
26 print $q->start_html('Problems');
27 print $q->h2('Not able to open internals (database or binary)');
28 exit 1;
29};
30
31
32# Message 'buffer', entries in here will be pushed on top of form
33@messages = ();
34
35
36#
37# Verify validity of CGI input
38sub check_cgi() {
39 if ($q->request_method() eq "POST") {
40 if (! ($q->param('username') && $q->param('auth_key') &&
41 $q->param('new_password') && $q->param('verify_password'))) {
42 push(@messages, "Not all fields are provided");
43 return 1;
44 }
45 if ($q->param('new_password') ne $q->param('verify_password')) {
46 push(@messages, 'New passwords does not match');
47 return 1;
48 }
49 if ($q->param('new_password') eq $q->param('auth_key')) {
50 push(@messages, 'New password equal to old password not changing');
51 return 1;
52 }
53 if (length($q->param('new_password')) < $MIN_PASSWD_LENGTH) {
54 push(@messages, "New password to short (minimal $MIN_PASSWD_LENGTH characters)");
55 return 1;
56 }
57 return 0;
58 }
59 return 1;
60}
61
62
63#
64# Process CGI, assuming all values are correct
65sub process_cgi_for_dovecotpw() {
66 my $username = $q->param('username');
67 my $auth_key = $q->param('auth_key');
68 my $new_password = $q->param('new_password');
69
70 if ($auth_key ne $STATIC_AUTH_KEY) {
71 push(@messages, "Auth key invalid");
72 return;
73 }
74
75 my $retval = `grep '^$username:' $PASSWDFILE`;
76 if ( $retval ) {
77 push(@messages, "Username does already exists!");
78 return;
79 }
80
81 $password = `$HTPASSWD -b $PASSWDFILE $username $new_password 2>&1`;
82 push(@messages, "User added succesfully ($password)");
83}
84
85# Only process if field are valid
86if (check_cgi() == 0) {
87 process_cgi_for_dovecotpw();
88}
89
90print $q->header;
91print $q->start_html('Change Email Password');
92print $q->start_center();
93if (@messages) {
94 print $q->h2($q->ul({-style => 'list-style-type: none'}, $q->li(@messages)));
95};
96print $q->start_form();
97print $q->table($q->caption($q->h2('Please provide your values to change password')),
98 $q->Tr([$q->td(['username', $q->textfield('username','somebody')])]),
99 $q->Tr([$q->td(['auth key', $q->password_field('auth_key')])]),
100 $q->Tr([$q->td(['new password', $q->password_field('new_password')])]),
101 $q->Tr([$q->td(['verify new password', $q->password_field('verify_password')])]),
102 $q->Tr([$q->td({-colspan=>2,-align=>'center'},[$q->submit('submit', 'Change Password')])])
103);
104print '</table>';
105print $q->end_form();
106print $q->end_center();
107print $q->end_html;
Note: See TracBrowser for help on using the repository browser.