Site Navigation

Date:      Mon, 7 Dec 1998 16:26:57 +1100
From:      "John Saunders" <john.saunders@scitec.com.au>
To:        "Cliff Reardon" <cj@webnet.com.au>
Cc:        "FreeBSD questions" <freebsd-questions@FreeBSD.ORG>
Subject:   RE: Change Password On-Line
Message-ID:  <002a01be21a2$357262e0$6cb611cb@saruman.scitec.com.au>
In-Reply-To: <365DE1EF.9B4A1EA7@webnet.com.au>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

> I was wondering if anybody had a script to use via the web ie: either
> .cgi or .pl or even .c so as dial in users can change their passwords
> on-line. They are authenticated using the passwd file on a freebsd
> computer, and we are using Apache as the web server.

Not sure if anybody has answered you yet. Anyway the easiest way I
have found is to install the poppassd port (/usr/ports/mail/poppassd)
which allows Eudora Mail to change passwords from it's menu.

With this in place I wrote a HTML form and got a perl cgi script
to talk to the popassd server. The perl script came from a wwwpass
package I found. It's also portable, with poppassd running on
Linux or anything else the web side doesn't need to be changed.

P.S. I've removed some company messages from these things so expect
a couple of typos you may need to clean up before it works.

Cheers.

-chpasswd.html--------------------------------------------------------------
---------
<html>
<body>

<h2 align="center">Change Your Password</h2>

<form action="password.cgi" method="POST">

<center>
<p>
Enter your username:<br>
<input type="text" size=17 name="username">
</p>

<p>
Enter your password:<br>
<input type="password" size=17 name="password">
</p>
</center>

<hr>

<center>
<p>
Now, enter what you want to change your password to.
</p>

<p>
New password:<br>
<input type="password" name="newpasswd">
</p>

<p>
Re-type new password:<br>
<input type="password" name="verifypasswd">
</p>
</center>

<center>
<p>
<input type="submit" value="Change Password">
<input type="reset" value="Clear Form">
</p>
</center>

</form>

</body>
</html>
-chpasswd.html--------------------------------------------------------------
---------

-chpasswd.cgi---------------------------------------------------------------
---------
#!/usr/local/bin/perl
# Back-end script to let a user change their password from a web page
# Interfaces to popassd daemon

use Socket;
require "cgi-lib.pl";

# Replace with the name of your password host.
$pass_host = "pop.domain.com";

&ReadParse;
print &PrintHeader;

$| = 1;

umask(077);

$login = $in{"username"};
$p = $in{"password"};
$np = $in{"newpasswd"};
$np1 = $in{"verifypasswd"};

$l = length($np);
if (($np ne $np1) || ($l < 6) || ($np eq ''))
{
	print "<html>\n";
	print "<body>\n\n";
	print "<h2 align=\"center\">Change Password Error!</h2>\n\n<p>\nI'm sorry
$login, ";
	if ($np ne $np1) {
		print "<b>the two new passwords you entered did not match</b>.\n</p>\n";
	} elsif ($l < 6) {
		print "<b>your password must have a least 6 characters</b>.\n</p>\n";
	} else {
		print "<b>you may not enter a blank password</b>.\n</p>\n";
	}
	print "\n<p>\nYour password was not changed. Would you like to\n";
	print "<a href=\"chpasswd.html\">try again</a>?\n</p>\n\n";
	print "</body>\n</html>\n";
	exit 0;
}

&start_poppassd($pass_host);

# Get hello prompt
$_ = <PASSD>;
unless (/^200/) {&pass_error;}

# Send username
print PASSD "user $login\n";
$_ = <PASSD>;
unless (/^200/) {&pass_error;}

# Send Old Password
print PASSD "pass $p\n";
$_ = <PASSD>;
if (/^500/) {
	# For now, a generic error
	&pass_error;
}

# Now new password
print PASSD "newpass $np\n";
$_ = <PASSD>;
if (/^500/) {
	# Generic error again
	&pass_error;
}

# We are done, quit;
print PASSD "quit\n";
$_ = <PASSD>;

print "<html>\n";
print "<body>\n\n";
print "<h2 align=\"center\">Change Password OK</h2>\n\n";
print "<p>\n$login, <b>your password has been successfully changed</b>.
Don't\n";
print "forget to change your log-in script and your mail programs to\n";
print "reflect this new password.\n</p>\n";
print "\n<p>\n<b>Also, don't forget your new password!</b>\n</p>\n\n";
print "</body>\n</html>\n";
exit 0;


sub pass_error
{
	s/^\d\d\d //;
	print "<html>\n";
	print "<body>\n\n";
	print "<h2 align=\"center\">Change Password Error!</h2>\n\n";
	print "<p>\nI'm sorry, I was unable to change your password. The\n";
	print "password server returned the following error:\n";
	print "<b>$_</b>\n</p>\n";
	print "\n<p>\nWould you like to <a href=\"chpasswd.html\">\n";
	print "try again</A> ?\n</p>\n\n";
	print "</body></html>\n";
	exit 0;
}


#**********
# START_POPPASSD -- Open poppassd connection to user server
#**********
sub start_poppassd {
  local($name)=@_;

  $SIG{'INT'}='dokill';

  $sockaddr='Sna4x8';

  ($n,$aliases,$proto)=getprotobyname('tcp');
  ($n,$aliases,$port)=getservbyname('poppassd','tcp');
  if ($name =~ /^\d+\.\d+\.\d+\.\d+$/) {
    $thataddr = pack('cccc',split(/\./,$name));
  } else {
    ($n,$aliases,$type,$len,$thataddr)=gethostbyname($name);
  }

  $that=pack($sockaddr, AF_INET, $port, $thataddr);

  socket(PASSD, PF_INET, SOCK_STREAM, $proto) || die "socket: $!";

  connect(PASSD, $that) || die "connect: $!";

  select(PASSD); $|=1;
  select(STDIN); $|=1;
  select(STDOUT); $|=1;
}
-chpasswd.cgi---------------------------------------------------------------
---------

--   .   +-------------------------------------------------------+
 ,--_|\  | John Saunders    mailto:John.Saunders@scitec.com.au   |
/  Oz  \ | SCITEC LIMITED   Phone +61294289563  Fax +61294289933 |
\_,--\_/ | "By the time you make ends meet, they move the ends." |
      v  +-------------------------------------------------------+


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002a01be21a2$357262e0$6cb611cb>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact