You may want to try using some unix functions to do this. If you're really good at verifying that their input is legal, that the user exists, that their old password is right and that the new ones match and you're 100% sure oyu want to do this you could always do backtick execution.
man pw man htpasswd Of course all of that depends if you have permision to modify that stuff as in who your script is running as, setuid or apache's user or ???. Is it a system user account, qmail, or ??? You may be best to talk to the administrator of that box to find the best and most secure way for you to do that since he or she would know all about the permissions and all of the doo dah's the machine has. Dan > -----Original Message----- > From: Edmund [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 15, 2003 8:28 AM > To: Perl > Subject: perl confusion/ and passwd > > > Hi, > > I need some help getting cleared up with an issue I had this > afternoon (and still trying to figure out now). I have Perl > 5.6.1 installed at work. It didn't come (AFAIK) with > NDBM_FILE.pm. (Required for chpass... which brings me to a > different question that I'll ask after this). So I go to > CPAN and check the DATABASE INTERFACES section. I find > NDBM_FILE. I go there and find tarballs of perl5.6.0, 5.6.1 > and 5.8.0. as well as subfolders of two authors. > > If I may, I'd like to ask some questions : > > 1) Pardon my ignorance, but is NDBM_FILE.pm now included > with the Perl tarballs? If so, I just need to d/l > the latest (I'm assuming 5.8.0) and install it? > > 2) Since 5.6.1 is installed right now, can I install > 5.8.0 over it without uninstalling 5.6.1? (Btw, > I'm running Slackware Linux 8.0). > > With regards to chpass, I'm trying to create a > web-based page so that local intranet users > can use that to change their email password. > Security wise, is this a good idea? The > page itself is only accessible via a few > specific local IPs. Is there a module out > there that can help me in this regard? > > I've only gotten to the point of grabbing the > user's username, old password and new password > from a form. I can parse the information easily. > It's after parsing that I"m unsure as how to > go about in changing the user's password. Since > I'm running the website under a non-root user, > changing some other user's password isn't easy. > I d/led this tarball (that included the html > files to change the password .. wwwpass.??.tar.gz) > but since I don't have NDBM_FILE installed I > couldn't run it. > > Any help very much appreciated. > > Edmund > > -- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
