From: Peter T. <pet...@us...> - 2002-03-22 08:19:35
|
Update of /cvsroot/twiki/twiki/bin In directory usw-pr-cvs1:/tmp/cvs-serv13760 Modified Files: register passwd Log Message: cosmetics Index: register =================================================================== RCS file: /cvsroot/twiki/twiki/bin/register,v retrieving revision 1.20 retrieving revision 1.21 diff -C2 -r1.20 -r1.21 *** register 19 Mar 2002 07:35:59 -0000 1.20 --- register 22 Mar 2002 08:19:32 -0000 1.21 *************** *** 3,7 **** # TWiki WikiClone (see wiki.pm for $wikiversion and other info) # ! # Copyright (C) 1999 Peter Thoeny, pe...@th... # # This program is free software; you can redistribute it and/or --- 3,7 ---- # TWiki WikiClone (see wiki.pm for $wikiversion and other info) # ! # Copyright (C) 1999-2002 Peter Thoeny, pe...@th... # # This program is free software; you can redistribute it and/or *************** *** 28,39 **** } - $query = new CGI; - ##### for debug only: Remove next 3 comments (but redirect does not work) - #open(STDERR,'>&STDOUT'); # redirect error to browser - #$| = 1; # no buffering - #TWiki::writeHeader( $query ); - &main(); --- 28,33 ---- *************** *** 199,203 **** # found at http://world.inch.com/Scripts/htpasswd.pl.html if ( $TWiki::OS eq "WINDOWS" ) { ! return $user . ':{SHA}' . MIME::Base64::encode_base64(Digest::SHA1::sha1($passwd)); } srand( $$|time ); --- 193,197 ---- # found at http://world.inch.com/Scripts/htpasswd.pl.html if ( $TWiki::OS eq "WINDOWS" ) { ! return $user . ':{SHA}' . MIME::Base64::encode_base64( Digest::SHA1::sha1( $passwd ) ); } srand( $$|time ); *************** *** 285,286 **** --- 279,282 ---- return $topicName; } + + # EOF Index: passwd =================================================================== RCS file: /cvsroot/twiki/twiki/bin/passwd,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -r1.6 -r1.7 *** passwd 19 Mar 2002 08:24:38 -0000 1.6 --- passwd 22 Mar 2002 08:19:32 -0000 1.7 *************** *** 1,4 **** ! #!/usr/bin/perl -wTI. # # Copyright (C) 2001 Klaus Wriessnegger, kw...@sa... # --- 1,5 ---- ! #!/usr/bin/perl -wT # + # Copyright (C) 2000-2002 Peter Thoeny, Peter@Thoeny.com # Copyright (C) 2001 Klaus Wriessnegger, kw...@sa... # *************** *** 49,62 **** } ! ! ##### for debug only: Remove next 2 comments (but redirect does not work) ! #print "Content-type: text/html\n\n"; ! #open(STDERR,'>&STDOUT'); # redirect error to browser ! #$| = 1; # no buffering ! ! $query= new CGI; &main(); sub main { --- 50,58 ---- } ! $query = new CGI; &main(); + # ========================= sub main { *************** *** 77,101 **** my $url = ""; ! # check if required fields are filled in ! if( ! $wikiName || ! $passwordA ) { ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregrequ", ); ! TWiki::redirect( $query, $url ); ! return; ! } ! ! # check if user entry exists ! if( ( $wikiName ) && (! htpasswdExistUser( $wikiName ) ) ){ ! # PTh 20 Jun 2000: changed to getOopsUrl ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopsnotwikiuser", $wikiName ); ! TWiki::redirect( $query, $url ); ! return; ! } ! ! # check if passwords are identical ! if( $passwordA ne $passwordB ) { ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregpasswd" ); ! TWiki::redirect( $query, $url ); ! return; ! } my $theCryptPassword = &htpasswdGeneratePasswd( $wikiName, $passwordA ); --- 73,97 ---- my $url = ""; ! # check if required fields are filled in ! if( ! $wikiName || ! $passwordA ) { ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregrequ", ); ! TWiki::redirect( $query, $url ); ! return; ! } ! ! # check if user entry exists ! if( ( $wikiName ) && (! htpasswdExistUser( $wikiName ) ) ) { ! # PTh 20 Jun 2000: changed to getOopsUrl ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopsnotwikiuser", $wikiName ); ! TWiki::redirect( $query, $url ); ! return; ! } ! ! # check if passwords are identical ! if( $passwordA ne $passwordB ) { ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregpasswd" ); ! TWiki::redirect( $query, $url ); ! return; ! } my $theCryptPassword = &htpasswdGeneratePasswd( $wikiName, $passwordA ); *************** *** 103,148 **** my $change = $query->param( "change" ) || ""; ! if( $change eq "on" ){ # c h a n g e my $oldpassword = $query->param( 'oldpassword' ); ! # check if required fields are filled in ! if( ! $oldpassword ) { ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregrequ" ); ! TWiki::redirect( $query, $url ); ! return; ! } ! # check password ! my $oldcrypt = htpasswdReadPasswd( $wikiName ); ! ! my $pw = htpasswdCheckPasswd( $oldpassword, $oldcrypt ); ! if (! $pw ){ ! # NO - wrong old password ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopswrongpassword"); ! TWiki::redirect( $query, $url ); ! return; ! } ! ! # OK - password may be changed ! my $oldCryptPassword = "$wikiName\:$oldcrypt"; ! htpasswdAddUser( $oldCryptPassword, $theCryptPassword ); ! ! # OK - password changed ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopschangepasswd" ); ! TWiki::redirect( $query, $url ); ! return; ! } ! else { # r e s e t ! # and finally display the reset password page ! $url = &TWiki::getOopsUrl( $webName, $wikiName, "oopsresetpasswd", $theCryptPassword ); ! TWiki::redirect( $query, $url ); ! return; } } sub htpasswdCheckPasswd { --- 99,146 ---- my $change = $query->param( "change" ) || ""; ! if( $change eq "on" ) { # c h a n g e my $oldpassword = $query->param( 'oldpassword' ); ! # check if required fields are filled in ! if( ! $oldpassword ) { ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregrequ" ); ! TWiki::redirect( $query, $url ); ! return; ! } ! ! # check password ! my $oldcrypt = htpasswdReadPasswd( $wikiName ); ! ! my $pw = htpasswdCheckPasswd( $oldpassword, $oldcrypt ); ! if( ! $pw ) { ! # NO - wrong old password ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopswrongpassword"); ! TWiki::redirect( $query, $url ); ! return; ! } ! ! # OK - password may be changed ! my $oldCryptPassword = "$wikiName\:$oldcrypt"; ! htpasswdAddUser( $oldCryptPassword, $theCryptPassword ); ! ! # OK - password changed ! $url = &TWiki::getOopsUrl( $webName, $topic, "oopschangepasswd" ); ! TWiki::redirect( $query, $url ); ! return; ! ! } else { # r e s e t ! # and finally display the reset password page ! $url = &TWiki::getOopsUrl( $webName, $wikiName, "oopsresetpasswd", $theCryptPassword ); ! TWiki::redirect( $query, $url ); ! return; } } + # ========================= sub htpasswdCheckPasswd { *************** *** 152,168 **** # check for Windows if ( $TWiki::OS eq "WINDOWS" ) { ! $pwd = '{SHA}' . MIME::Base64::encode_base64(Digest::SHA1::sha1($old)); ! # strip whitespace at end of line ! $pwd =~ /(.*)$/ ; ! $pwd = $1; ! } ! else { ! my $salt = substr($oldcrypt, 0, 2); ! $pwd = crypt( $old, $salt ); } # OK ! if( $pwd eq $oldcrypt ){ ! return "1"; } # NO --- 150,166 ---- # check for Windows if ( $TWiki::OS eq "WINDOWS" ) { ! $pwd = '{SHA}' . MIME::Base64::encode_base64( Digest::SHA1::sha1( $old ) ); ! # strip whitespace at end of line ! $pwd =~ /(.*)$/ ; ! $pwd = $1; ! ! } else { ! my $salt = substr( $oldcrypt, 0, 2 ); ! $pwd = crypt( $old, $salt ); } # OK ! if( $pwd eq $oldcrypt ) { ! return "1"; } # NO *************** *** 170,173 **** --- 168,172 ---- } + # ========================= sub htpasswdReadPasswd { *************** *** 185,188 **** --- 184,188 ---- } + # ========================= sub htpasswdExistUser { *************** *** 200,203 **** --- 200,204 ---- } + # ========================= sub htpasswdGeneratePasswd { *************** *** 207,215 **** # check for Windows and use SHA1 digest instead of crypt() ! if ( $TWiki::OS eq "WINDOWS" ) { ! my $pwd = $user . ':{SHA}' . MIME::Base64::encode_base64(Digest::SHA1::sha1($passwd)); ! $pwd =~ /(.*)$/; ! $pwd = $1; ! return $pwd } srand( $$|time ); --- 208,216 ---- # check for Windows and use SHA1 digest instead of crypt() ! if( $TWiki::OS eq "WINDOWS" ) { ! my $pwd = $user . ':{SHA}' . MIME::Base64::encode_base64( Digest::SHA1::sha1( $passwd ) ); ! $pwd =~ /(.*)$/; ! $pwd = $1; ! return $pwd } srand( $$|time ); *************** *** 221,224 **** --- 222,226 ---- } + # ========================= sub htpasswdAddUser { *************** *** 233,234 **** --- 235,238 ---- &TWiki::Store::saveFile( $TWiki::htpasswdFilename, $text ); } + + # EOF |