summaryrefslogtreecommitdiff
path: root/pinyweb/cgi-bin
diff options
context:
space:
mode:
authorjoanofarctangent@gmail.com <iduffe@dev.piny.svcs.cs.pdx.edu>2011-01-18 20:46:43 -0800
committerjoanofarctangent@gmail.com <iduffe@dev.piny.svcs.cs.pdx.edu>2011-01-18 20:46:43 -0800
commit0a34bdd06065f320bd23ef47aa03fecc44a59bfd (patch)
tree7d52a24ab1d922f468eb0e4d5b5bd0f38dce1fdc /pinyweb/cgi-bin
parentfc124e917e63e8f16653fcd603fe7bf99ec9d198 (diff)
downloadpiny-code-0a34bdd06065f320bd23ef47aa03fecc44a59bfd.tar.gz
piny-code-0a34bdd06065f320bd23ef47aa03fecc44a59bfd.zip
Okay, newuser.cgi is almost finished now.
Diffstat (limited to 'pinyweb/cgi-bin')
-rwxr-xr-xpinyweb/cgi-bin/newuser.cgi89
1 files changed, 66 insertions, 23 deletions
diff --git a/pinyweb/cgi-bin/newuser.cgi b/pinyweb/cgi-bin/newuser.cgi
index 7001321..0c9c2de 100755
--- a/pinyweb/cgi-bin/newuser.cgi
+++ b/pinyweb/cgi-bin/newuser.cgi
@@ -2,34 +2,77 @@
$| = 1;
use warnings;
-use CGI qw/:standard *p/;
-use IPC::Open2;
+use CGI qw/:standard *p *table *Tr/;
+use Email::Valid::Loose qw( );
+my ( $JSCRIPT, $error, $email, $username, $password1, $password2 );
+my $checker = Email::Valid::Loose->new
+ ( "-fqdn" => 1
+ , "-fudge" => 0
+ , "-local_rules" => 0
+ , "-mxcheck" => 1
+ , "-tldcheck" => 0
+ );
-print header( -type => 'text/html' ), start_html( -title => 'piny-web: Create User'), h1('Create User');
+if (param('submit') eq 'Submit') { # Form has been submitted
+ $email = param('email');
+ if ( $email eq "" or not defined ( $email = $checker->address($email) ) ) { $error .= 'Please enter a valid email address.\n'; }
+
+ $username = param('username');
+ if (not defined $username or $username eq '') { $error .= 'Please enter a username.\n'; }
+ if ($username =~ /^(git|ikiwiki)-/) { $error .= 'Your username cannot start with git- or ikiwiki-!\n'; }
+ if ($username !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/) { $error .= 'Usernames must consist only of letters, digits, underscores, periods, and dashes, and not start with a dash. Usernames are case sensitive.\n'; }
+
+ $password1 = param('password1');
+ $password2 = param('password2');
+ if (not defined $password1 or $password1 eq '') { $error .= 'Please enter a password.\n'; }
+ if ($password1 ne $password2) { $error .= 'Passwords do not match!\n'; }
+
+ if ($error eq '') { $error = create_user($email, $username, $password1); }
+
+ # We need javascript to display an alert message
+ $JSCRIPT = <<END;
+ function alertmsg() {
+ alert('$error');
+ }
+END
+}
+
+print header( -type => 'text/html' ), start_html( -title => 'piny-web: Create User', -script => $JSCRIPT, -onLoad => 'alertmsg()' ), h1('Create User');
print start_form( -name => 'newuser_form' );
print start_p, "Enter a username and valid email address for the new user. Please remember that the username may only contain alphanumerics, underscores, periods, and dashes. The username may not begin with a dash, nor may it begin with the strings 'git-' or 'ikiwiki-'.", end_p;
-print start_p;
-print label( { -for => 'username' }, "Username: " ), textfield( -name => 'username' ), "<br />";
-print label( { -for => 'email' }, "Email Address: " ), textfield( -name => 'email' ), "<br />";
+# Actual input fields
+print start_table;
+print start_Tr, td( label( { -for => 'username' }, "Username: " ) ), td( { -style => 'text-align: right;' }, textfield('username') ), end_Tr;
+print start_Tr, td( label( { -for => 'email' }, "Email Address: " ) ), td( { -style => 'text-align: right;' }, textfield('email') ), end_Tr;
+print start_Tr, td( label( { -for => 'password1' }, "Password: " ) ), td( { -style => 'text-align: right;' }, password_field('password1') ), end_Tr;
+print start_Tr, td( label( { -for => 'password2' }, "Password again: ") ), td( { -style => 'text-align: right;' }, password_field('password2') ), end_Tr;
+print end_table;
+
+print br, br, submit( { -name => 'submit', -value => 'Submit' } );
-print "</p>";
print end_form, end_html;
-=for temporarily commenting this out until i can get the base page to show up
-if( $q->param('n') && $q->param('a') && $q->param('p') ) {
- unless( open2( OUT, IN, '/usr/bin/sudo', '/usr/sbin/newuser', '--batch', $q->param('a'), $q->param('n') ) ) {
- print 'could not execute newrepo';
- die;
- };
- # make things flushier
- select((select(IN), $| = 1)[0]);
- select((select(OUT), $| = 1)[0]);
- print( IN $q->param('p') . "\n" );
- close( IN );
- while( <OUT> ) {
- print;
- };
-} else {
- print 'Missing parameters.';
+
+# Actual call to create a user
+sub create_user {
+ my ($email, $username, $password) = @_;
+ my @saltchars =
+ ( 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'
+ , 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z'
+ , '0', '1', '2', '3', '4', '5', '6', '7', '8', '9'
+ , '.', '/'
+ );
+ my $salt = "\$6\$";
+
+ foreach my $n (1 .. 16) {
+ $salt .= $saltchars[int ( rand ( scalar @saltchars ) )];
+ }
+
+ $salt .= "\$";
+ my $crypt = crypt( $password, $salt );
+
+ my $ret = system("/usr/sbin/useradd", "-c", "$email", "-k", "/var/empty", "-g", "users", "-m", "-p", $crypt, "-s", "/usr/bin/pinyshell", $username);
+ if ($ret) { return $! . ' - ' . ($? >> 8); } #return 'An error occurred creating the user; most likely, that username is already taken.\n'; }
+ else { return 'Your user has been created. Try logging in!\n'; }
};