Index: trunk/cgi-bin/access-pwd-update.pl
===================================================================
--- trunk/cgi-bin/access-pwd-update.pl	(revision 931)
+++ trunk/cgi-bin/access-pwd-update.pl	(revision 932)
@@ -1,23 +1,52 @@
 #!/usr/bin/perl
-# Update IPDB users table with user/password data from 5-minute
-# cron'ed push from billing
-###
-# SVN revision info
-# $Date$
-# SVN revision $Rev$
-# Last update by $Author$
-###
-# Copyright (C) 2007-2010 - Kris Deugau
+# Update IPDB users table with user/password data from 5-minute cron'ed
+# push from billing
+##
+# $Id$
+# Copyright (C) 2007-2010,2017,2022 - Kris Deugau <kdeugau@deepnet.cx>
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+##
 
 use strict;
 use warnings;
 use DBI;
+use Getopt::Long;
 
 # don't remove!  required for GNU/FHS-ish install from tarball
 ##uselib##
 
-# push "the directory the script is in" into @INC
-use FindBin;
-use lib "$FindBin::RealBin/";
+# Taint-safe (ish) voodoo to push "the directory the script is in" into @INC.
+use File::Spec ();
+use File::Basename ();
+my $path;
+BEGIN {
+    $path = File::Basename::dirname(File::Spec->rel2abs($0));
+    if ($path =~ /(.*)/) {
+        $path = $1;
+    }
+}
+use lib $path;
+
+# Watch for longstanding senior staff deletes;  these should make waves when removed
+my %seniorstaff = map { $_ => 1 } qw ();
+
+my $doadd = 0;
+my $dodel = 0;
+GetOptions(
+	"add|a" => \$doadd,
+	"delete|d" => \$dodel,
+);
 
 use MyIPDB;
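Review bot: The untaint step in the new BEGIN block validates nothing, because `$path =~ /(.*)/` matches any string, so a directory derived from `$0` is marked clean and handed to `use lib` unchecked. If the script is meant to run under taint mode (the shebang shown has no `-T`, so this is inferred from the comment), match an explicit allowlist and fail closed instead: `if ($path =~ m{\A([\w./+-]+)\z}) { $path = $1 } else { die "unsafe script path\n" }`. Separately, the return value of `GetOptions(...)` is ignored, so a mistyped flag only produces a warning and the run continues as a dry run; `GetOptions(...) or die "usage: $0 [--add] [--delete]\n";` would make that visible to whoever reads the cron output.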
@@ -38,36 +67,44 @@
 
 die ".htpasswd error:  file seems too small: ".(-s $passfile)."\n"
-	if (-s $passfile <3000);
+	if (-s $passfile <500);
 
 open HTPASS, "<$passfile";
 
-my $sth = $ip_dbh->prepare("select count(*) from users where username=?");
-my $sth2;
+my $sth = $ip_dbh->prepare("SELECT count(*) FROM users WHERE username = ?");
+my $insert_user = $ip_dbh->prepare("INSERT INTO users (username) VALUES (?)");
+my $del_user = $ip_dbh->prepare("DELETE FROM users WHERE username = ?");
+
 while (<HTPASS>) {
   chomp;
-  my ($user,$pass) = split /:/;
+  my ($user,undef) = split /:/;
   $sth->execute($user);
   my @data = $sth->fetchrow_array();
-  my $sql;
   if ($data[0] == 0) {
-    $sql = "insert into users (username,password) values ('$user','$pass')";
-    print "new user: $user\n";
-  } else {
-    $sql = "update users set password='$pass' where username='$user'";
+    if ($doadd) {
+      $insert_user->execute($user) or print "error inserting $user: ".$DBI::errstr."\n";
+      print "new user: $user\n";
+    } else {
+      print "pending new user: $user\n";
+    }
   }
-  $sth2 = $ip_dbh->prepare($sql);
-  $sth2->execute or print "error executing $sql: ".$DBI::errstr."\n";
-  $userhash{$user} = $pass;
+  $userhash{$user} = '!';
 }
 
 # and now to delete users that have been removed
-$sth = $ip_dbh->prepare("select username,acl from users order by username");
-$sth2 = $ip_dbh->prepare("delete from users where username=?");
+$sth = $ip_dbh->prepare("SELECT username,acl FROM users ORDER BY username");
 $sth->execute;
 while (my @data = $sth->fetchrow_array()) {
   if (!$userhash{$data[0]}) {
-    print "deleting $data[0] (acl $data[1])\n";
-    $sth2->execute($data[0])
-	or print "error deleting $data[0]: ".$DBI::errstr."\n";
+    # safety net for senior key staff
+    if ($seniorstaff{$data[0]}) {
+      print "skipping delete of $data[0], update access-pwd-update.pl if they've really left\n";
+      next;
+    }
+    if ($dodel) {
+      $del_user->execute($data[0]) or print "error deleting $data[0]: ".$DBI::errstr."\n";
+      print "deleting $data[0] (acl $data[1])\n";
+    } else {
+      print "pending user delete '$data[0]'\n";
+    }
   }
 }
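Review bot: With the new `--delete` switch, the unchecked `open HTPASS, "<$passfile";` becomes a mass-deletion risk. If the file passes the size test but cannot be opened, the read loop sees no lines, `%userhash` stays empty, and the second loop deletes every account not listed in `%seniorstaff`. Use a checked three-argument open, `open HTPASS, '<', $passfile or die ".htpasswd error: can't open $passfile: $!\n";`, and add a guard before the delete pass such as `die "no users read from $passfile, refusing to delete\n" unless %userhash;`. Lowering the size floor from 3000 to 500 bytes also makes the existing truncation check a weaker backstop, which is another reason to add the explicit guard. `$passfile` and `%userhash` are declared outside this hunk, so the guard's exact placement should be checked against the full file.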
