diff options
| author | jrayhawk+piny.be@omgwallhack.org <jrayhawk@dev.piny.svcs.cs.pdx.edu> | 2011-01-21 04:02:27 -0800 |
|---|---|---|
| committer | jrayhawk+piny.be@omgwallhack.org <jrayhawk@dev.piny.svcs.cs.pdx.edu> | 2011-01-21 04:02:27 -0800 |
| commit | b47a5b5025c40f4d5bd2a6f91428b19f9b0dbba6 (patch) | |
| tree | 2e9e2ffd20d084702dddc9711aa43ce95a7de21a /pinyweb/cgi-bin/newuser.cgi | |
| parent | c0337286c8b72331c0ba1abb11cf7142bc479f0a (diff) | |
| download | piny-code-b47a5b5025c40f4d5bd2a6f91428b19f9b0dbba6.tar.gz piny-code-b47a5b5025c40f4d5bd2a6f91428b19f9b0dbba6.zip | |
If you're going to replace something working with something broken, do it somewhere other than master.
This reverts commits
145dd509a0ed40be03e8b1372cee183703344b36
53d9d204ac838f6f2e2c46d4c9a764dc53427e45
e7dfef272790cf79cce19e3459363e6ee95f73d5
0a34bdd06065f320bd23ef47aa03fecc44a59bfd
666f8065cd416870d236ae2063dd836fb35d18a0
Diffstat (limited to 'pinyweb/cgi-bin/newuser.cgi')
| -rwxr-xr-x | pinyweb/cgi-bin/newuser.cgi | 102 |
1 files changed, 19 insertions, 83 deletions
diff --git a/pinyweb/cgi-bin/newuser.cgi b/pinyweb/cgi-bin/newuser.cgi index 8ffaa77..002d2be 100755 --- a/pinyweb/cgi-bin/newuser.cgi +++ b/pinyweb/cgi-bin/newuser.cgi @@ -3,91 +3,27 @@ $| = 1; use warnings; -BEGIN { - if ( not defined $ENV{"SUDO_UID"} ) { -# exec( "sudo", "/usr/lib/cgi-bin/piny/newuser.cgi", @ARGV ); - my @env = (); - foreach my $key ( keys %ENV ) { push @env, "$key=$ENV{$key}" }; - exec( "sudo", @env, "/usr/lib/cgi-bin/piny/newuser.cgi", @ARGV ); - }; -}; - -use CGI qw/:standard *p *table *Tr/; -use Email::Valid::Loose qw( ); -my ( $JSCRIPT, $error, $email, $username, $password1, $password2 ); -my $checker = Email::Valid::Loose->new - ( "-fqdn" => 1 - , "-fudge" => 0 - , "-local_rules" => 0 - , "-mxcheck" => 1 - , "-tldcheck" => 0 - ); - -if (param('submit') eq 'Submit') { # Form has been submitted - $email = param('email'); - if ( $email eq "" or not defined ( $email = $checker->address($email) ) ) { $error .= 'Please enter a valid email address.\n'; } - - $username = param('username'); - if (not defined $username or $username eq '') { $error .= 'Please enter a username.\n'; } - if ($username =~ /^(git|ikiwiki)-/) { $error .= 'Your username cannot start with git- or ikiwiki-!\n'; } - if ($username !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/) { $error .= 'Usernames must consist only of letters, digits, underscores, periods, and dashes, and not start with a dash. Usernames are case sensitive.\n'; } - - $password1 = param('password1'); - $password2 = param('password2'); - if (not defined $password1 or $password1 eq '') { $error .= 'Please enter a password.\n'; } - if ($password1 ne $password2) { $error .= 'Passwords do not match!\n'; } - - if ($error eq '') { $error = create_user($email, $username, $password1); } - - # We need javascript to display an alert message - $JSCRIPT = <<END; - function alertmsg() { - alert('$error'); - } -END -} +use CGI; -print header( -type => 'text/html' ), start_html( -title => 'piny-web: Create User', -script => $JSCRIPT, -onLoad => 'alertmsg()' ), h1('Create User'); -print start_form( -name => 'newuser_form' ); -print start_p, "Enter a username and valid email address for the new user. Please remember that the username may only contain alphanumerics, underscores, periods, and dashes. The username may not begin with a dash, nor may it begin with the strings 'git-' or 'ikiwiki-'.", end_p; +use IPC::Open2; -print "<b>KEYS</b>", br; -for my $key (keys %ENV) { - print $key . " - " . $ENV{$key}; - print br; -} -# Actual input fields -print start_table; -print start_Tr, td( label( { -for => 'username' }, "Username: " ) ), td( { -style => 'text-align: right;' }, textfield('username') ), end_Tr; -print start_Tr, td( label( { -for => 'email' }, "Email Address: " ) ), td( { -style => 'text-align: right;' }, textfield('email') ), end_Tr; -print start_Tr, td( label( { -for => 'password1' }, "Password: " ) ), td( { -style => 'text-align: right;' }, password_field('password1') ), end_Tr; -print start_Tr, td( label( { -for => 'password2' }, "Password again: ") ), td( { -style => 'text-align: right;' }, password_field('password2') ), end_Tr; -print end_table; +$q = CGI->new; -print br, br, submit( { -name => 'submit', -value => 'Submit' } ); +print( "Content-type: text/plain\n\n" ); -print end_form, end_html; - - -# Actual call to create a user -sub create_user { - my ($email, $username, $password) = @_; - my @saltchars = - ( 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z' - , 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z' - , '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' - , '.', '/' - ); - my $salt = "\$6\$"; - - foreach my $n (1 .. 16) { - $salt .= $saltchars[int ( rand ( scalar @saltchars ) )]; - } - - $salt .= "\$"; - my $crypt = crypt( $password, $salt ); - - my $ret = system("/usr/sbin/piny-suid", $ENV{'REMOTE_USER'}, "/usr/sbin/useradd", "-c", "$email", "-k", "/var/empty", "-g", "users", "-m", "-p", $crypt, "-s", "/usr/bin/pinyshell", $username); - if ($ret) { return 'An error occurred creating the user; most likely, that username is already taken.\n'; } - else { return 'Your user has been created. Try logging in!\n'; } +if( $q->param('n') && $q->param('a') && $q->param('p') ) { + unless( open2( OUT, IN, '/usr/bin/sudo', '/usr/sbin/newuser', '--batch', $q->param('a'), $q->param('n') ) ) { + print 'could not execute newrepo'; + die; + }; + # make things flushier + select((select(IN), $| = 1)[0]); + select((select(OUT), $| = 1)[0]); + print( IN $q->param('p') . "\n" ); + close( IN ); + while( <OUT> ) { + print; + }; +} else { + print 'Missing parameters.'; }; |