X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=html%2Fcgi-bin%2Fchpasswd.cgi;h=0a66062edbf63a3bb81a275e43e4926b73a2266d;hb=3b884ae65ee2fdb8bba76d0e52f51326f30fc051;hp=5bc97d2e263fee8ad03daa2c4e9d5a7a429bfa1f;hpb=363fb6afce0da6581db2ebac774e506fc8db81c6;p=people%2Fpmueller%2Fipfire-2.x.git diff --git a/html/cgi-bin/chpasswd.cgi b/html/cgi-bin/chpasswd.cgi index 5bc97d2e26..0a66062edb 100644 --- a/html/cgi-bin/chpasswd.cgi +++ b/html/cgi-bin/chpasswd.cgi @@ -1,10 +1,27 @@ #!/usr/bin/perl - -# -# $Id: chpasswd.cgi,v 1.0 2005/01/25 00:00:00 marco Exp $ -# +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### use CGI qw(param); +use Apache::Htpasswd; +use Crypt::PasswdMD5; $swroot = "/var/ipfire"; @@ -58,45 +75,25 @@ if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'}) $errormessage = $tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$tr{'advproxy errmsg password length 2'}; goto ERROR; } - if (! -z $userdb) - { - open FILE, $userdb; - @users = ; - close FILE; - $username = ''; - $cryptpwd = ''; + my $htpasswd = new Apache::Htpasswd("$userdb"); - foreach (@users) - { - chomp; - @temp = split(/:/,$_); - if ($temp[0] =~ /^$cgiparams{'USERNAME'}$/i) - { - $username = $temp[0]; - $cryptpwd = $temp[1]; - } - } - } - if ($username eq '') - { + # Check if a user with this name exists + my $old_password = $htpasswd->fetchPass($cgiparams{'USERNAME'}); + if (!$old_password) { $errormessage = $tr{'advproxy errmsg invalid user'}; goto ERROR; } - if (!(crypt($cgiparams{'OLD_PASSWORD'}, $cryptpwd) eq $cryptpwd)) - { + + # Reset password + if (!$htpasswd->htpasswd($cgiparams{'USERNAME'}, $cgiparams{'NEW_PASSWORD_1'}, + $cgiparams{'OLD_PASSWORD'})) { $errormessage = $tr{'advproxy errmsg password incorrect'}; goto ERROR; } - $returncode = system("/usr/bin/htpasswd -b $userdb $username $cgiparams{'NEW_PASSWORD_1'}"); - if ($returncode == 0) - { - $success = 1; - undef %cgiparams; - } else { - $errormessage = $tr{'advproxy errmsg change fail'}; - goto ERROR; - } + + $success = 1; + undef %cgiparams; } ERROR: @@ -119,59 +116,52 @@ print < - +
- - - -
- -   - -
- +
+ - - - -
- + + $tr{'advproxy chgwebpwd change web password'}
- +
- - + - - + - - + - - +
- + + $tr{'advproxy chgwebpwd username'}:
- + + $tr{'advproxy chgwebpwd old password'}:
- + + $tr{'advproxy chgwebpwd new password'}:
- + + $tr{'advproxy chgwebpwd new password confirm'}:
@@ -189,7 +179,7 @@ if ($errormessage) print < @@ -203,7 +193,7 @@ if ($success) print < @@ -219,15 +209,6 @@ print <
- + $tr{'advproxy chgwebpwd ERROR'} $errormessage - + $tr{'advproxy chgwebpwd SUCCESS'} $tr{'advproxy errmsg change success'}
-
- - Advanced Proxy running on - - IPCop -