Changeset 260 for branches/stable/cgi-bin
- Timestamp:
- 06/13/05 16:45:27 (20 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/stable/cgi-bin/admin.cgi
r252 r260 91 91 </form> 92 92 <hr><a href="admin.cgi?action=showpools">List IP Pools</a> for manual tweaking and updates 93 <hr><a href="admin.cgi?action=show ACL">Change ACLs</a> (change internal access controls -94 note that this does NOT include IP-based limits)93 <hr><a href="admin.cgi?action=showusers">Manage users</a> (add/remove users; change 94 internal access controls - note that this does NOT include IP-based limits) 95 95 ); 96 96 } else { … … 292 292 syslog "notice", "$authuser updated pool IP $webvar{ip}"; 293 293 } 294 } elsif ($webvar{action} eq 'show ACL') {294 } elsif ($webvar{action} eq 'showusers') { 295 295 print "Notes:<br>\n". 296 "<li>Users must be added to .htpasswd from the shell, for the time being.\n". 297 "<li>New accounts will be added to the ACL here every time this page is loaded.\n". 298 "<li>Old accounts will NOT be automatically deleted; they must be removed via shell.\n". 299 "<li>Admin users automatically get all other priviledges.\n"; 300 # open .htpasswd, and snag the userlist. 301 $sth = $ip_dbh->prepare("select count (*) from users where username=?"); 302 open HTPASS, "<../../.htpasswd" or carp "BOO! No .htpasswd file!"; 303 while (<HTPASS>) { 304 chomp; 305 my ($username,$encpwd) = split /:/; 306 $sth->execute($username); 307 my @data = $sth->fetchrow_array; 308 if ($data[0] eq '0') { 309 my $sth2 = $ip_dbh->prepare("insert into users (username,password) values ('$username','$encpwd')"); 310 $sth2->execute; 311 print "$username added with read-only privs to ACL<br>\n"; 312 } 313 } 296 "<li>Admin users automatically get all other priviledges.\n". 297 "<hr>Add new user:<form action=admin.cgi method=POST>\n". 298 "Username: <input name=username><br>\n". 299 "Password: <input name=password> <input type=checkbox name=preenc>Password is pre-encrypted (MUST be crypt() encrypted)<br>\n". 300 "<input type=submit value='Add user'><input type=hidden name=action value=newuser></form>\n"; 314 301 315 302 print "<hr>Users with access:\n<table border=1>\n"; … … 328 315 "></td><td><input type=checkbox name=del".($data[1] =~ /d/ ? ' checked=y' : ''). 329 316 "></td><td><input type=checkbox name=admin".($data[1] =~ /A/ ? ' checked=y' : ''). 330 qq(></td><td><input type=submit value="Update"></td></tr></form>\n); 317 qq(></td><td><input type=submit value="Update"></td></form>\n). 318 "<form action=admin.cgi method=POST><td><input type=hidden name=action value=deluser>". 319 "<input type=hidden name=username value=$data[0]>". 320 qq(<input type=submit value="Delete user"></tr></form>\n); 331 321 332 322 } … … 348 338 print "OK\n" if !$sth->err; 349 339 350 print qq(<hr><a href="admin.cgi?action=showACL">Back</a> to ACL listing\n); 340 print qq(<hr><a href="admin.cgi?action=showusers">Back</a> to user listing\n); 341 342 } elsif ($webvar{action} eq 'newuser') { 343 print "Adding user $webvar{username}...\n"; 344 my $cr_pass = ($webvar{preenc} ? $webvar{password} : 345 crypt $webvar{password}, join('',('.','/',0..9,'A'..'Z','a'..'z')[rand 64, rand 64])); 346 $sth = $ip_dbh->prepare("insert into users (username,password,acl) values ". 347 "('$webvar{username}','$cr_pass','b')"); 348 $sth->execute; 349 if ($sth->err) { 350 print "<br>Error adding user: ".$sth->errstr; 351 } else { 352 print "OK\n"; 353 } 354 355 print qq(<hr><a href="admin.cgi?action=showusers">Back</a> to user listing\n); 356 357 } elsif ($webvar{action} eq 'deluser') { 358 print "Deleting user $webvar{username}.<br>\n"; 359 $sth = $ip_dbh->prepare("delete from users where username='$webvar{username}'"); 360 $sth->execute; 361 print "OK\n" if !$sth->err; 362 363 print qq(<hr><a href="admin.cgi?action=showusers">Back</a> to user listing\n); 351 364 352 365 } elsif ($webvar{action} ne '<NULL>') {
Note:
See TracChangeset
for help on using the changeset viewer.