summaryrefslogtreecommitdiff
path: root/pinyweb/cgi-bin/newuser.cgi
blob: f03a0f2b13f686dbd065e1f343d8295f23aebe19 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
#!/usr/bin/perl
$| = 1;

use warnings;

BEGIN {
  if ( not defined $ENV{"SUDO_UID"} ) {
    my @env = ();
    foreach my $key ( keys %ENV ) { push @env, "$key=$ENV{$key}" };
    exec( "sudo", @env, "/usr/lib/cgi-bin/piny/newuser.cgi", @ARGV );
  };
};

use CGI qw/:standard *p *table *Tr/;
use Email::Valid::Loose qw( );
my ( $JSCRIPT, $error, $email, $username, $password1, $password2 );
my $checker = Email::Valid::Loose->new
  ( "-fqdn"        => 1
  , "-fudge"       => 0
  , "-local_rules" => 0
  , "-mxcheck"     => 1
  , "-tldcheck"    => 0
  );

if (param('submit') eq 'Submit') { # Form has been submitted
    $email = param('email');
    if ( $email eq "" or not defined ( $email = $checker->address($email) ) ) { $error .= 'Please enter a valid email address.\n'; }
    
    $username = param('username');
    if (not defined $username or $username eq '') 	{ $error .= 'Please enter a username.\n';  				}
    if ($username =~ /^(git|ikiwiki)-/) 		{ $error .= 'Your username cannot start with git- or ikiwiki-!\n'; 	}
    if ($username !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/) 	{ $error .= 'Usernames must consist only of letters, digits, underscores, periods, and dashes, and not start with a dash. Usernames are case sensitive.\n'; }

    $password1 = param('password1');
    $password2 = param('password2');
    if (not defined $password1 or $password1 eq '') 	{ $error .= 'Please enter a password.\n'; }
    if ($password1 ne $password2) 			{ $error .= 'Passwords do not match!\n';  }

    if ($error eq '') { $error = create_user($email, $username, $password1); }

    # We need javascript to display an alert message
    $JSCRIPT = <<END;
	function alertmsg() {
	    alert('$error');
	}
END
}

print header( -type => 'text/html' ), start_html( -title => 'piny-web: Create User', -script => $JSCRIPT, -onLoad => 'alertmsg()' ), h1('Create User');
print start_form( -name => 'newuser_form' );
print start_p, "Enter a username and valid email address for the new user. Please remember that the username may only contain alphanumerics, underscores, periods, and dashes. The username may not begin with a dash, nor may it begin with the strings 'git-' or 'ikiwiki-'.", end_p;

print "<b>KEYS</b>", br;
for my $key (keys %ENV) {
    print $key . " - " . $ENV{$key};
    print br;
}
# Actual input fields
print start_table;
print start_Tr, td( label( { -for => 'username' }, "Username: " ) ), td( { -style => 'text-align: right;' }, textfield('username') ), end_Tr;
print start_Tr, td( label( { -for => 'email' }, "Email Address: " ) ), td( { -style => 'text-align: right;' }, textfield('email') ), end_Tr;
print start_Tr, td( label( { -for => 'password1' }, "Password: " ) ), td( { -style => 'text-align: right;' }, password_field('password1') ), end_Tr;
print start_Tr, td( label( { -for => 'password2' }, "Password again: ") ), td( { -style => 'text-align: right;' }, password_field('password2') ), end_Tr;
print end_table;

print br, br, submit( { -name => 'submit', -value => 'Submit' } );

print end_form, end_html;


# Actual call to create a user
sub create_user {
    my ($email, $username, $password) = @_;
    my @saltchars =
      ( 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'
      , 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z'
      , '0', '1', '2', '3', '4', '5', '6', '7', '8', '9'
      , '.', '/'
      );
    my $salt = "\$6\$";

    foreach my $n (1 .. 16) {
	$salt .= $saltchars[int ( rand ( scalar @saltchars ) )];
    }

    $salt .= "\$";
    my $crypt = crypt( $password, $salt );

    my $ret = system("/usr/sbin/piny-suid", $ENV{'REMOTE_USER'}, "/usr/sbin/useradd", "-c", "$email", "-k", "/var/empty", "-g", "users", "-m", "-p", $crypt, "-s", "/usr/bin/pinyshell", $username);
    if ($ret) { return $ENV{'REMOTE_USER'} . ' An error occurred creating the user; most likely, that username is already taken.\n'; }
    else      { return 'Your user has been created. Try logging in!\n'; }
};