blob: 1e6e2e53077add3ab6d912f6cb6c83872a1bfd8f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
#!/usr/bin/perl -T
#!/usr/bin/perl -Tw
use strict;
use FS::SelfService qw(passwd);
use CGI;
use CGI::Carp qw(fatalsToBrowser);
my $freeside_uid = scalar(getpwnam('freeside'));
$ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin';
$ENV{'SHELL'} = '/bin/sh';
$ENV{'IFS'} = " \t\n";
$ENV{'CDPATH'} = '';
$ENV{'ENV'} = '';
$ENV{'BASH_ENV'} = '';
die "passwd.cgi isn't running as freeside user\n" if $> != $freeside_uid;
my $cgi = new CGI;
$cgi->param('username') =~ /^([^\n]{0,255}$)/ or die "Illegal username";
my $me = $1;
$cgi->param('domain') =~ /^([^\n]{0,255}$)/ or die "Illegal domain";
my $domain = $1;
$cgi->param('old_password') =~ /^([^\n]{0,255}$)/ or die "Illegal old_password";
my $old_password = $1;
$cgi->param('new_password') =~ /^([^\n]{0,255}$)/ or die "Illegal new_password";
my $new_password = $1;
die "New passwords don't match"
unless $new_password eq $cgi->param('new_password2');
my $rv = passwd(
'username' => $me,
'domain' => $domain,
'old_password' => $old_password,
'new_password' => $new_password,
);
my $error = $rv->{error};
if ($error) {
die $error;
} else {
print $cgi->header(), <<END;
<html>
<head>
<title>Password changed</title>
</head>
<body bgcolor="#e8e8e8">
<h3>Password changed</h3>
<br>Your password has been changed.
</body>
</html>
END
}
|
