]>
git.ipfire.org Git - people/teissler/ipfire-2.x.git/blob - html/cgi-bin/chpasswd.cgi
2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007 Michael Tremer & Christian Schmidt #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
24 $swroot = "/var/ipfire";
30 $proxysettings{'NCSA_MIN_PASS_LEN'} = 6;
32 ### Initialize environment
33 &readhash
("${swroot}/main/settings", \
%mainsettings);
34 &readhash
("${swroot}/proxy/advanced/settings", \
%proxysettings);
35 $language = $mainsettings{'LANGUAGE'};
37 ### Initialize language
38 if ($language =~ /^(\w+)$/) {$language = $1;}
40 # Uncomment this to force a certain language:
43 require "${swroot}/langs/en.pl";
44 require "${swroot}/langs/${language}.pl";
46 my $userdb = "$swroot/proxy/advanced/ncsa/passwd";
48 &readhash
("$swroot/ethernet/settings", \
%netsettings);
52 &getcgihash
(\
%cgiparams);
54 if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'})
56 if ($cgiparams{'USERNAME'} eq '')
58 $errormessage = $tr{'advproxy errmsg no username'};
61 if (($cgiparams{'OLD_PASSWORD'} eq '') || ($cgiparams{'NEW_PASSWORD_1'} eq '') || ($cgiparams{'NEW_PASSWORD_2'} eq ''))
63 $errormessage = $tr{'advproxy errmsg no password'};
66 if (!($cgiparams{'NEW_PASSWORD_1'} eq $cgiparams{'NEW_PASSWORD_2'}))
68 $errormessage = $tr{'advproxy errmsg passwords different'};
71 if (length($cgiparams{'NEW_PASSWORD_1'}) < $proxysettings{'NCSA_MIN_PASS_LEN'})
73 $errormessage = $tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$tr{'advproxy errmsg password length 2'};
88 @temp = split(/:/,$_);
89 if ($temp[0] =~ /^$cgiparams{'USERNAME'}$/i)
98 $errormessage = $tr{'advproxy errmsg invalid user'};
101 if (!(crypt($cgiparams{'OLD_PASSWORD'}, $cryptpwd) eq $cryptpwd))
103 $errormessage = $tr{'advproxy errmsg password incorrect'};
106 $returncode = system("/usr/bin/htpasswd -b $userdb $username $cgiparams{'NEW_PASSWORD_1'}");
107 if ($returncode == 0)
112 $errormessage = $tr{'advproxy errmsg change fail'};
119 print "Pragma: no-cache\n";
120 print "Cache-control: no-cache\n";
121 print "Connection: close\n";
122 print "Content-type: text/html\n\n";
127 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
131 <body bgcolor="#FFFFFF">
135 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
137 <table width="80%" cellspacing="10" cellpadding="5" border="0">
140 <td bgcolor="#C0C0C0">
141 <font face="verdana, arial, sans serif" color="#000000" size="2">
147 <td bgcolor="#F4F4F4" align="center">
148 <table width="100%" cellspacing="10" cellpadding="10">
150 <td nowrap bgcolor="#0050C0" align="center">
151 <font face="verdana, arial, sans serif" color="#FFFFFF" size="3">
152 <b>$tr{'advproxy chgwebpwd change web password'}</b>
158 <table width="70%" cellspacing="7" cellpadding="7">
160 <td nowrap bgcolor="#F4F4F4" align="left">
161 <font face="verdana, arial, sans serif" color="#000000" size="2">
162 <b>$tr{'advproxy chgwebpwd username'}:</b>
165 <td><input type="text" name="USERNAME" value="$cgiparams{'USERNAME'}" size="15"></td>
168 <td nowrap bgcolor="#F4F4F4" align="left">
169 <font face="verdana, arial, sans serif" color="#000000" size="2">
170 <b>$tr{'advproxy chgwebpwd old password'}:</b>
173 <td><input type="password" name="OLD_PASSWORD" value="$cgiparams{'OLD_PASSWORD'}" size="15"></td>
176 <td nowrap bgcolor="#F4F4F4" align="left">
177 <font face="verdana, arial, sans serif" color="#000000" size="2">
178 <b>$tr{'advproxy chgwebpwd new password'}:</b>
181 <td><input type="password" name="NEW_PASSWORD_1" value="$cgiparams{'NEW_PASSWORD_1'}" size="15"></td>
184 <td nowrap bgcolor="#F4F4F4" align="left">
185 <font face="verdana, arial, sans serif" color="#000000" size="2">
186 <b>$tr{'advproxy chgwebpwd new password confirm'}:</b>
189 <td><input type="password" name="NEW_PASSWORD_2" value="$cgiparams{'NEW_PASSWORD_2'}" size="15"></td>
192 <table width="100%" cellspacing="7" cellpadding="7">
194 <td align="center"><br><input type='submit' name='SUBMIT' value="$tr{'advproxy chgwebpwd change password'}"></td>
206 <td nowrap bgcolor="#FF0000" align="center">
207 <font face="verdana, arial, sans serif" color="#FFFFFF" size="2">
208 <b>$tr{'advproxy chgwebpwd ERROR'}</b> $errormessage
220 <td nowrap bgcolor="#00C000" align="center">
221 <font face="verdana, arial, sans serif" color="#FFFFFF" size="2">
222 <b>$tr{'advproxy chgwebpwd SUCCESS'}</b> $tr{'advproxy errmsg change success'}
238 <td bgcolor="#C0C0C0" align="right">
239 <a href="http://www.advproxy.net" target="_blank"><b>
240 <font face="verdana,arial,sans serif" color="#FFFFFF" size="1">Advanced Proxy</b></a> running on</font>
241 <a href="http://www.ipcop.org" target="_blank"><b>
242 <font face="verdana,arial,sans serif" color="#FFFFFF" size="1">IPCop</b></a></font>
258 # -------------------------------------------------------------------
262 my $filename = $_[0];
268 open(FILE
, $filename) or die "Unable to read file $filename";
272 ($var, $val) = split /=/, $_, 2;
278 # Untaint variables read from hash
279 $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
280 $val =~ /([\w\W]*)/; $val = $1;
281 $hash->{$var} = $val;
288 # -------------------------------------------------------------------
292 my ($hash, $params) = @_;
293 my $cgi = CGI
->new ();
294 return if ($ENV{'REQUEST_METHOD'} ne 'POST');
295 if (!$params->{'wantfile'}) {
296 $CGI::DISABLE_UPLOADS
= 1;
297 $CGI::POST_MAX
= 512 * 1024;
299 $CGI::POST_MAX
= 10 * 1024 * 1024;
302 $cgi->referer() =~ m/^https?\:\/\
/([^\/]+)/;
304 $cgi->url() =~ m/^https?\:\/\
/([^\/]+)/;
306 return if ($referer ne $servername);
308 ### Modified for getting multi-vars, split by |
309 %temp = $cgi->Vars();
310 foreach my $key (keys %temp) {
311 $hash->{$key} = $temp{$key};
312 $hash->{$key} =~ s/\0/|/g;
313 $hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
316 if (($params->{'wantfile'})&&($params->{'filevar'})) {
317 $hash->{$params->{'filevar'}} = $cgi->upload
318 ($params->{'filevar'});
323 # -------------------------------------------------------------------