Ok, here ya go guys. This is what I put together for my users at work. Hope it helps you in what you were trying to do. the perl script goes in your htdocs/cgi-bin directory. The index.html page you can change to your liking, it just uses a form and POSTs it to the perl script. Like I said before, it's quit simple. Hope it helps you in what ever you were trying to accomplish. Jake McHenry [EMAIL PROTECTED]
#!/usr/local/bin/perl -- -*-perl-*- $SIG{'INT'} = 'handler'; $SIG{'QUIT'} = 'handler'; $SIG{'KILL'} = 'handler'; $LOCALTIME = localtime; select(LOG); $|=1; select(STDOUT); $|=1; open(STDERR, ">&STDOUT"); $CType = "content-type: text/html\n\n"; print "content-type: text/html\n\n"; # $POPPWDLOG = "/home/admin/poppassd/webpass.log"; $POPPWDLOG = "/home/web/webpass/webpass.log"; open(LOG,">>$POPPWDLOG") || die ("<h1><center>Cannot open logging file.</center></h1><p>Contact the system administrator."); flock(LOG,8) || die ("<h1><center>Can't establish file lock.</center></h1><p>Please try again later. If the problem persists, contact the system administrator."); # get the input read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); # get the ip address $REMOTEIP = $ENV{'REMOTE_ADDR'}; # Split the name-value pairs @pairs = split(/&/, $buffer); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); # Un-Webify plus signs and %-encoding $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; # added next two lines to security (i think) ... no metacharacters? # i borrowed these lines from other perl scripts that do security # server side includes $value =~ s/<!--(.|\n)*-->//g; # stop people from using subshells to execute commands $value =~ s/~!/ ~!/g; $FORM{$name} = $value; } # Print a title and initial heading print STDOUT "<Html>\n<meta http-equiv=\"Pragma\" content=\"no-cache\">\n"; print STDOUT "<Head><Title>Information Systems/Network Services</Title></Head>\n\n"; $PWDHOST = $FORM{'pwdhost'}; $PWDUSERID = $FORM{'pwduserid'}; $PWDOLDPWD = $FORM{'pwdoldpwd'}; $PWDNEWPWD = $FORM{'pwdnewpwd'}; $PWDVERIFY = $FORM{'pwdverify'}; # If the comments are blank, then give a "blank form" response if (! $PWDUSERID) { print LOG "$LOCALTIME - error: no username supplied from $REMOTEIP to server $PWDHOST\n"; print "<center><p>\n"; print "<h1>PASSWORD NOT CHANGED</h1>\n<h2>Blank Username Field</h2>\n"; print "You must specify a USERNAME to attempt a password change.\n"; print "<p>Use your browser's BACK button to return to the Password Changing page to try again.\n"; close(LOG); exit(1); } if (! $PWDNEWPWD) { print LOG "$LOCALTIME - error: no new password given for $PWDUSERID from $REMOTEIP to server $PWDHOST\n"; print "<center><p>\n"; print "<h1>PASSWORD NOT CHANGED</h1>\n<h2>Blank New Password Field</h2>\n"; print "You must specify a NEW PASSWORD to attempt a password change.\n"; print "<p>Use your browser's BACK button to return to the Password Changing page to try again.\n"; print "</center></body></html>\n"; close(LOG); exit(2); } if( $PWDNEWPWD ne $PWDVERIFY ) { print LOG "$LOCALTIME - error: new password verify failed for $PWDUSERID from $REMOTEIP to server $PWDHOST\n"; print "<center><p>\n"; print "<h1>PASSWORD NOT CHANGED</h1>"; print "<h2>You did not type the same new password in both<br>\n"; print "NEW PASSWORD fields as is required!</h2>"; print "<p>Use your browser's BACK button to return to the Password Changing page to try again.\n"; print "</center></body></html>\n"; close(LOG); exit(3); } $AF_INET = 2; $SOCK_STREAM = 1; $ACCTYPE = $FORM{'acctype'}; $PORT = 106; $SOCKADDR = 'S n a4 x8'; chop($HOSTNAME = `hostname`); ($name,$aliases,$proto) = getprotobyname('tcp'); ($name,$aliases,$type,$len,$thisaddr) = gethostbyname($HOSTNAME); ($name,$aliases,$type,$len,$thataddr) = gethostbyname($PWDHOST); $THIS = pack($SOCKADDR, $AF_INET, 0, $thisaddr); $THAT = pack($SOCKADDR, $AF_INET, $PORT, $thataddr); if(!socket(S,$AF_INET,$SOCK_STREAM,$proto)) { print LOG "$LOCALTIME - error: cannot get socket filehandle for $PWDUSERID from $REMOTEIP to server $PWDHOST\n"; die ("<h1><center>Could not get socket filehandle!</h1><p><h2>Please try again later. If the problem persists, contact the system administartor.</h2></center>"); exit(4); } if(!bind(S,$THIS)) { print LOG "$LOCALTIME - error: cannot give socket an address for $PWDUSERID from $REMOTEIP to server $PWDHOST\n"; die ("<h1><center>Could not give socket an address!</h1><p><h2>Please try again later. If the problem persists, contact the system administrator.</h2></center>"); exit(4); } if(!connect(S,$THAT)) { print LOG "$LOCALTIME - error: cannot contact $PWDHOST for $PWDUSERID from $REMOTEIP to server $PWDHOST\n"; die ("<h1><center>Could not connect to $PWDHOST!<h1><p><h2>Please try again later. If the problem persists, contact the system administrator.</h2></center>"); exit(4); } select(S); $| = 1; select(STDOUT); print S "user $PWDUSERID\npass $PWDOLDPWD\nnewpass $PWDNEWPWD\nquit\n"; shutdown(S,1); select(STDOUT); $|=1; while(<S>) { $BUFFER .= $_; } if ($BUFFER =~ /Password changed/) { print LOG "$LOCALTIME - success: password changed for $PWDUSERID from $REMOTEIP to server $PWDHOST\n"; print "<center><h1>Password Change Information</h1></center><hr>\n"; print "<center><h1>PASSWORD SUCCESSFULLY CHANGED</h1></center>"; print "<hr>Server messages are listed below for informational use only:"; print "<pre>$BUFFER\n<pre>"; } else { print "<center><h1>PASSWORD NOT CHANGED</h1><p>\n"; if ($BUFFER =~ /Bad username\/password/) { print LOG "$LOCALTIME - error: bad username/password for $PWDUSERID from $REMOTEIP to server $PWDHOST\n"; print "<h2>Bad Username or Password</h2>\n"; print "Either the user does not exist on this system or the current<br>\n"; print "password is not correct\n"; } elsif ($BUFFER =~ /New password length/) { print LOG "$LOCALTIME - error: password too short for $PWDUSERID from $REMOTEIP to server $PWDHOST\n"; print "<center><h2>Password Too Short</h2>\n"; print "The new Password must be at least 5 characterse in length\n"; } elsif ($BUFFER =~ /New password required/) { print LOG "$LOCALTIME - error: blank new password for $PWDUSERID from $REMOTEIP to server $PWDHOST\n"; print "<center><h2>Blank New Password</h2>"; } else { print LOG "$LOCALTIME - error: buffer = \"$BUFFER\" for $PWDUSERID from $REMOTEIP to server $PWDHOST\n"; print "<center><h2>There was an unexpected error attempting to change your password</h2></center>"; } print "</center><p>"; print "<h3>Examine server messages for possible problem determination:</h3>\n"; print "<pre>$BUFFER\n<pre>"; print "</body></html>\n"; } exit(0); sub handler { local($sig) = @_; close(LOG); exit(0); }
<html> <body> <table border="1" width="70%"> <tr> <td><form action="http://your_url_here/cgi-bin/chgpwd.pl" method="POST"> <input type="hidden" name="pwdhost" value="your_domain"> <div align="center"> <center> <table border="0" cellpadding="3" cellspacing="5"> <tr> <td align="right">Enter <b>USERNAME</b>:</td> <td><input type="text" size="20" name="pwduserid" tabindex="2"></td> </tr> <tr> <td align="right">Enter <b>CURRENT PASSWORD</b>:</td> <td><input type="password" size="20" name="pwdoldpwd" tabindex="3"></td> </tr> <tr> <td align="right">Enter <b>NEW PASSWORD</b>:</td> <td><input type="password" size="20" name="pwdnewpwd" tabindex="4"></td> </tr> <tr> <td align="right">Verify <b>NEW PASSWORD</b>:</td> <td><input type="password" size="20" name="pwdverify" tabindex="5"></td> </tr> </table> </center></div><div align="center"><center><table border="0"> <tr> <td align="center" width="50%"><input type="submit" value="Change Password"></td> <td align="center" width="50%"><input type="reset" value="Clear Form"></td> </tr> </table> </body> </html>