Ignore:
Timestamp:
12/07/22 17:11:28 (2 years ago)
Author:
Kris Deugau
Message:

/trunk

Update header/copyright
Update "add the directory the script is in to @INC" library-finder based on

discussion and links from https://www.perlmonks.org/?node_id=585299 and
https://www.perlmonks.org/?node_id=41213

Pull some refinements from production upstream

  • Add arguments to cause add/delete actions, rather than just always doing both
  • Add a framework to exclude users from autodelete
  • Fix up the SQL to match style and use prepared statements
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/cgi-bin/access-pwd-update.pl

    • Property svn:keywords changed from Date Rev Author to Id
    r906 r932  
    11#!/usr/bin/perl
    2 # Update IPDB users table with user/password data from 5-minute
    3 # cron'ed push from billing
    4 ###
    5 # SVN revision info
    6 # $Date$
    7 # SVN revision $Rev$
    8 # Last update by $Author$
    9 ###
    10 # Copyright (C) 2007-2010 - Kris Deugau
     2# Update IPDB users table with user/password data from 5-minute cron'ed
     3# push from billing
     4##
     5# $Id$
     6# Copyright (C) 2007-2010,2017,2022 - Kris Deugau <kdeugau@deepnet.cx>
     7#
     8#    This program is free software: you can redistribute it and/or modify
     9#    it under the terms of the GNU General Public License as published by
     10#    the Free Software Foundation, either version 3 of the License, or
     11#    (at your option) any later version.
     12#
     13#    This program is distributed in the hope that it will be useful,
     14#    but WITHOUT ANY WARRANTY; without even the implied warranty of
     15#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     16#    GNU General Public License for more details.
     17#
     18#    You should have received a copy of the GNU General Public License
     19#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
     20##
    1121
    1222use strict;
    1323use warnings;
    1424use DBI;
     25use Getopt::Long;
    1526
    1627# don't remove!  required for GNU/FHS-ish install from tarball
    1728##uselib##
    1829
    19 # push "the directory the script is in" into @INC
    20 use FindBin;
    21 use lib "$FindBin::RealBin/";
     30# Taint-safe (ish) voodoo to push "the directory the script is in" into @INC.
     31use File::Spec ();
     32use File::Basename ();
     33my $path;
     34BEGIN {
     35    $path = File::Basename::dirname(File::Spec->rel2abs($0));
     36    if ($path =~ /(.*)/) {
     37        $path = $1;
     38    }
     39}
     40use lib $path;
     41
     42# Watch for longstanding senior staff deletes;  these should make waves when removed
     43my %seniorstaff = map { $_ => 1 } qw ();
     44
     45my $doadd = 0;
     46my $dodel = 0;
     47GetOptions(
     48        "add|a" => \$doadd,
     49        "delete|d" => \$dodel,
     50);
    2251
    2352use MyIPDB;
     
    3867
    3968die ".htpasswd error:  file seems too small: ".(-s $passfile)."\n"
    40         if (-s $passfile <3000);
     69        if (-s $passfile <500);
    4170
    4271open HTPASS, "<$passfile";
    4372
    44 my $sth = $ip_dbh->prepare("select count(*) from users where username=?");
    45 my $sth2;
     73my $sth = $ip_dbh->prepare("SELECT count(*) FROM users WHERE username = ?");
     74my $insert_user = $ip_dbh->prepare("INSERT INTO users (username) VALUES (?)");
     75my $del_user = $ip_dbh->prepare("DELETE FROM users WHERE username = ?");
     76
    4677while (<HTPASS>) {
    4778  chomp;
    48   my ($user,$pass) = split /:/;
     79  my ($user,undef) = split /:/;
    4980  $sth->execute($user);
    5081  my @data = $sth->fetchrow_array();
    51   my $sql;
    5282  if ($data[0] == 0) {
    53     $sql = "insert into users (username,password) values ('$user','$pass')";
    54     print "new user: $user\n";
    55   } else {
    56     $sql = "update users set password='$pass' where username='$user'";
     83    if ($doadd) {
     84      $insert_user->execute($user) or print "error inserting $user: ".$DBI::errstr."\n";
     85      print "new user: $user\n";
     86    } else {
     87      print "pending new user: $user\n";
     88    }
    5789  }
    58   $sth2 = $ip_dbh->prepare($sql);
    59   $sth2->execute or print "error executing $sql: ".$DBI::errstr."\n";
    60   $userhash{$user} = $pass;
     90  $userhash{$user} = '!';
    6191}
    6292
    6393# and now to delete users that have been removed
    64 $sth = $ip_dbh->prepare("select username,acl from users order by username");
    65 $sth2 = $ip_dbh->prepare("delete from users where username=?");
     94$sth = $ip_dbh->prepare("SELECT username,acl FROM users ORDER BY username");
    6695$sth->execute;
    6796while (my @data = $sth->fetchrow_array()) {
    6897  if (!$userhash{$data[0]}) {
    69     print "deleting $data[0] (acl $data[1])\n";
    70     $sth2->execute($data[0])
    71         or print "error deleting $data[0]: ".$DBI::errstr."\n";
     98    # safety net for senior key staff
     99    if ($seniorstaff{$data[0]}) {
     100      print "skipping delete of $data[0], update access-pwd-update.pl if they've really left\n";
     101      next;
     102    }
     103    if ($dodel) {
     104      $del_user->execute($data[0]) or print "error deleting $data[0]: ".$DBI::errstr."\n";
     105      print "deleting $data[0] (acl $data[1])\n";
     106    } else {
     107      print "pending user delete '$data[0]'\n";
     108    }
    72109  }
    73110}
Note: See TracChangeset for help on using the changeset viewer.