htpasswd-file/save.cgi

   1 #!/usr/local/bin/perl
   2 # save_user.cgi
   3 # Create, update or delete a password file user
   4
   5 require './htpasswd-file-lib.pl';
   6 &ReadParse();
   7 &error_setup($text{'save_err'});
   8 $users = &list_users();
   9 if (!$in{'new'}) {
  10         if (!$access{'single'}) {
  11                 $user = $users->[$in{'idx'}];
  12                 }
  13         else {
  14                 ($user) = grep { $_->{'user'} eq $in{'user'} } @$users;
  15                 $user || &error($text{'save_euser'});
  16                 }
  17         $loguser = $user->{'user'};
  18         }
  19 else {
  20         $loguser = $in{'user'};
  21         }
  22
  23 &lock_file($config{'file'});
  24 if ($in{'delete'}) {
  25         # Just delete this user
  26         $access{'delete'} || &error($text{'save_edelete'});
  27         &delete_user($user);
  28         }
  29 else {
  30         # Validate inputs
  31         if (!$access{'single'} && $access{'rename'} || $in{'new'}) {
  32                 $in{'user'} || &error($text{'save_euser1'});
  33                 $in{'user'} =~ /:/ && &error($text{'save_euser2'});
  34                 if ($in{'new'} || $user->{'user'} ne $in{'user'}) {
  35                         ($clash) = grep { $_->{'user'} eq $in{'user'} } @$users;
  36                         $clash && &error($text{'save_eclash'});
  37                         }
  38                 }
  39         !$in{'pass_def'} && $in{'pass'} =~ /:/ && &error($text{'save_epass'});
  40         if ($access{'repeat'} && !$in{'new'}) {
  41                 $user->{'pass'} eq &encrypt_password($in{'oldpass'}, $user->{'pass'}, $config{'md5'}) || &error($text{'save_eoldpass'});
  42                 }
  43
  44         # Actually save
  45         $user->{'user'} = $in{'user'}
  46                 if ($in{'new'} || !$access{'single'} && $access{'rename'});
  47         if (!$in{'pass_def'}) {
  48                 $user->{'pass'} = &encrypt_password($in{'pass'}, undef, $config{'md5'});
  49                 }
  50         if ($access{'enable'}) {
  51                 $user->{'enabled'} = $in{'enabled'};
  52                 }
  53         elsif ($in{'new'}) {
  54                 $user->{'enabled'} = 1;
  55                 }
  56         if ($in{'new'}) {
  57                 &create_user($user);
  58                 }
  59         else {
  60                 &modify_user($user);
  61                 }
  62         }
  63 &unlock_file($config{'file'});
  64 &webmin_log($in{'delete'} ? "delete" : $in{'new'} ? "create" : "modify",
  65             "user", $loguser, $user);
  66 if ($access{'single'}) {
  67         &ui_print_header(undef, $text{'save_title'}, "");
  68         print &text('save_done', "<tt>$loguser</tt>"),"<p>\n";
  69         &ui_print_footer("edit.cgi", $text{'edit_return'});
  70         }
  71 else {
  72         &redirect("");
  73         }
  74
  75