[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
web-based passwd change - MY SOLUTION!!!!
- From: Jake McHenry <jmchenry oak kcsd k12 pa us>
- To: redhat-list redhat com
- Subject: web-based passwd change - MY SOLUTION!!!!
- Date: Fri, 1 Sep 2000 12:34:34 -0400 (EDT)
Ok, here ya go guys. This is what I put together for my users at work. Hope it
helps you in what you were trying to do.
the perl script goes in your htdocs/cgi-bin directory. The index.html page you
can change to your liking, it just uses a form and POSTs it to the perl script.
Like I said before, it's quit simple. Hope it helps you in what ever you were
trying to accomplish.
Jake McHenry
jmchenry oak kcsd k12 pa us
#!/usr/local/bin/perl -- -*-perl-*-
$SIG{'INT'} = 'handler';
$SIG{'QUIT'} = 'handler';
$SIG{'KILL'} = 'handler';
$LOCALTIME = localtime;
select(LOG);
$|=1;
select(STDOUT);
$|=1;
open(STDERR, ">&STDOUT");
$CType = "content-type: text/html\n\n";
print "content-type: text/html\n\n";
# $POPPWDLOG = "/home/admin/poppassd/webpass.log";
$POPPWDLOG = "/home/web/webpass/webpass.log";
open(LOG,">>$POPPWDLOG") || die ("<h1><center>Cannot open logging file.</center></h1><p>Contact the system administrator.");
flock(LOG,8) || die ("<h1><center>Can't establish file lock.</center></h1><p>Please try again later. If the problem persists, contact the system administrator.");
# get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
# get the ip address
$REMOTEIP = $ENV{'REMOTE_ADDR'};
# Split the name-value pairs
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
# Un-Webify plus signs and %-encoding
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
# added next two lines to security (i think) ... no metacharacters?
# i borrowed these lines from other perl scripts that do security
# server side includes
$value =~ s/<!--(.|\n)*-->//g;
# stop people from using subshells to execute commands
$value =~ s/~!/ ~!/g;
$FORM{$name} = $value;
}
# Print a title and initial heading
print STDOUT "<Html>\n<meta http-equiv=\"Pragma\" content=\"no-cache\">\n";
print STDOUT "<Head><Title>Information Systems/Network Services</Title></Head>\n\n";
$PWDHOST = $FORM{'pwdhost'};
$PWDUSERID = $FORM{'pwduserid'};
$PWDOLDPWD = $FORM{'pwdoldpwd'};
$PWDNEWPWD = $FORM{'pwdnewpwd'};
$PWDVERIFY = $FORM{'pwdverify'};
# If the comments are blank, then give a "blank form" response
if (! $PWDUSERID) {
print LOG "$LOCALTIME - error: no username supplied from $REMOTEIP to server $PWDHOST\n";
print "<center><p>\n";
print "<h1>PASSWORD NOT CHANGED</h1>\n<h2>Blank Username Field</h2>\n";
print "You must specify a USERNAME to attempt a password change.\n";
print "<p>Use your browser's BACK button to return to the Password Changing page to try again.\n";
close(LOG);
exit(1);
}
if (! $PWDNEWPWD) {
print LOG "$LOCALTIME - error: no new password given for $PWDUSERID from $REMOTEIP to server $PWDHOST\n";
print "<center><p>\n";
print "<h1>PASSWORD NOT CHANGED</h1>\n<h2>Blank New Password Field</h2>\n";
print "You must specify a NEW PASSWORD to attempt a password change.\n";
print "<p>Use your browser's BACK button to return to the Password Changing page to try again.\n";
print "</center></body></html>\n";
close(LOG);
exit(2);
}
if( $PWDNEWPWD ne $PWDVERIFY ) {
print LOG "$LOCALTIME - error: new password verify failed for $PWDUSERID from $REMOTEIP to server $PWDHOST\n";
print "<center><p>\n";
print "<h1>PASSWORD NOT CHANGED</h1>";
print "<h2>You did not type the same new password in both<br>\n";
print "NEW PASSWORD fields as is required!</h2>";
print "<p>Use your browser's BACK button to return to the Password Changing page to try again.\n";
print "</center></body></html>\n";
close(LOG);
exit(3);
}
$AF_INET = 2;
$SOCK_STREAM = 1;
$ACCTYPE = $FORM{'acctype'};
$PORT = 106;
$SOCKADDR = 'S n a4 x8';
chop($HOSTNAME = `hostname`);
($name,$aliases,$proto) = getprotobyname('tcp');
($name,$aliases,$type,$len,$thisaddr) = gethostbyname($HOSTNAME);
($name,$aliases,$type,$len,$thataddr) = gethostbyname($PWDHOST);
$THIS = pack($SOCKADDR, $AF_INET, 0, $thisaddr);
$THAT = pack($SOCKADDR, $AF_INET, $PORT, $thataddr);
if(!socket(S,$AF_INET,$SOCK_STREAM,$proto)) {
print LOG "$LOCALTIME - error: cannot get socket filehandle for $PWDUSERID from $REMOTEIP to server $PWDHOST\n";
die ("<h1><center>Could not get socket filehandle!</h1><p><h2>Please try again later. If the problem persists, contact the system administartor.</h2></center>");
exit(4);
}
if(!bind(S,$THIS)) {
print LOG "$LOCALTIME - error: cannot give socket an address for $PWDUSERID from $REMOTEIP to server $PWDHOST\n";
die ("<h1><center>Could not give socket an address!</h1><p><h2>Please try again later. If the problem persists, contact the system administrator.</h2></center>");
exit(4);
}
if(!connect(S,$THAT)) {
print LOG "$LOCALTIME - error: cannot contact $PWDHOST for $PWDUSERID from $REMOTEIP to server $PWDHOST\n";
die ("<h1><center>Could not connect to $PWDHOST!<h1><p><h2>Please try again later. If the problem persists, contact the system administrator.</h2></center>");
exit(4);
}
select(S);
$| = 1;
select(STDOUT);
print S "user $PWDUSERID\npass $PWDOLDPWD\nnewpass $PWDNEWPWD\nquit\n";
shutdown(S,1);
select(STDOUT);
$|=1;
while(<S>) {
$BUFFER .= $_;
}
if ($BUFFER =~ /Password changed/) {
print LOG "$LOCALTIME - success: password changed for $PWDUSERID from $REMOTEIP to server $PWDHOST\n";
print "<center><h1>Password Change Information</h1></center><hr>\n";
print "<center><h1>PASSWORD SUCCESSFULLY CHANGED</h1></center>";
print "<hr>Server messages are listed below for informational use only:";
print "<pre>$BUFFER\n<pre>";
}
else {
print "<center><h1>PASSWORD NOT CHANGED</h1><p>\n";
if ($BUFFER =~ /Bad username\/password/) {
print LOG "$LOCALTIME - error: bad username/password for $PWDUSERID from $REMOTEIP to server $PWDHOST\n";
print "<h2>Bad Username or Password</h2>\n";
print "Either the user does not exist on this system or the current<br>\n";
print "password is not correct\n";
}
elsif ($BUFFER =~ /New password length/) {
print LOG "$LOCALTIME - error: password too short for $PWDUSERID from $REMOTEIP to server $PWDHOST\n";
print "<center><h2>Password Too Short</h2>\n";
print "The new Password must be at least 5 characterse in length\n";
}
elsif ($BUFFER =~ /New password required/) {
print LOG "$LOCALTIME - error: blank new password for $PWDUSERID from $REMOTEIP to server $PWDHOST\n";
print "<center><h2>Blank New Password</h2>";
}
else {
print LOG "$LOCALTIME - error: buffer = \"$BUFFER\" for $PWDUSERID from $REMOTEIP to server $PWDHOST\n";
print "<center><h2>There was an unexpected error attempting to change your password</h2></center>";
}
print "</center><p>";
print "<h3>Examine server messages for possible problem determination:</h3>\n";
print "<pre>$BUFFER\n<pre>";
print "</body></html>\n";
}
exit(0);
sub handler {
local($sig) = @_;
close(LOG);
exit(0);
}
<html>
<body>
<table border="1" width="70%">
<tr>
<td><form action="http://your_url_here/cgi-bin/chgpwd.pl"; method="POST">
<input type="hidden" name="pwdhost" value="your_domain">
<div align="center">
<center>
<table border="0" cellpadding="3" cellspacing="5">
<tr>
<td align="right">Enter <b>USERNAME</b>:</td>
<td><input type="text" size="20" name="pwduserid" tabindex="2"></td>
</tr>
<tr>
<td align="right">Enter <b>CURRENT PASSWORD</b>:</td>
<td><input type="password" size="20" name="pwdoldpwd" tabindex="3"></td>
</tr>
<tr>
<td align="right">Enter <b>NEW PASSWORD</b>:</td>
<td><input type="password" size="20" name="pwdnewpwd" tabindex="4"></td>
</tr>
<tr>
<td align="right">Verify <b>NEW PASSWORD</b>:</td>
<td><input type="password" size="20" name="pwdverify" tabindex="5"></td>
</tr>
</table>
</center></div><div align="center"><center><table border="0">
<tr>
<td align="center" width="50%"><input type="submit" value="Change Password"></td>
<td align="center" width="50%"><input type="reset" value="Clear Form"></td>
</tr>
</table>
</body>
</html>
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]