Modifier password.cgi

J'utilise le script password.cgi.

Pour faciliter l'administration, je souhaiterais que sur la page où l'on
présente des utilisateurs déjà inscripts (Current Users), en plus de
leur nom on ait aussi leur Password non crypté.

Mais évidemment je n'y connais rien en Perl... comment faire ça ?




#!/usr/bin/perl
# Copyright by Floyd Morrissette Floyd@NewWebSite.com
# Make sure you chmod 755 or make it executable by everybody.
# And of course make sure you rename this file to password.cgi
# Change the following variable to the way your forms should call cgi
scripts on your system. No trailing slash.

$action = "http://www.you-site.com/cgi-bin";

print "Content-type: text/html\n\n";
$pwd = `pwd`;
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$value =~ s/~!/ ~!/g; $FORM{$name} = $value;}
$directory = $FORM{'directory'};
$user = $FORM{'user'};
$path = $FORM{'path'};
$name = $FORM{'name'};
$password = $FORM{'password'};
$newpass = crypt($password, tnnntv);
if ($FORM{'submit'} eq "Add") {
&encrypt
}elsif ($FORM{'submit'} eq "Submit"){
&form2;
}elsif ($FORM{'submit'} eq "Delete"){
&delete;
}else{
&form;
}
sub form{
print <<HTML;
<html>
<head>
<title>Password Manager</title>
</head>
<body>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td bgcolor="#008080"><font color="#FFFFFF" size="2"
face="Verdana"><b>Password Manager</b></font></td>
</tr>
</table>
<p>Which directory would you like to manage passwords for?</p>
<form method="POST" action="$action/password.cgi">
<p>
The current full directory path for the password.cgi is
<b>$pwd</b><br><br>
Directory: <input type="text" name="directory" size="20"><br>
<input type="submit" value="Submit" name="submit"></p>
</form>
<p>&nbsp;</p>
</body>
</html>
HTML
}
sub form2{
print <<HTML;
<html>
<head>
<title>Password Manager</title>
</head>
<body>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td bgcolor="#008080"><font color="#FFFFFF" size="2"
face="Verdana"><b>Now
Managing Passwords for:<br> $directory</b></font></td>
</tr>
</table>
<form action ="$action/password.cgi" method="post">
<table>
<tr>
<td>New member:</td><td><input type="text" name="name"></td>
</tr>
<tr>
<td>Password:</td><td><input type="text" name="password"></td>
</tr>
<tr>
<td colspan=2><input type="submit" value="Add" name="submit"></td>
</tr>
</table>
<p>Current Users:<br>
HTML
open (FILE1, "$directory/.htaccess") || print "There does not appear to
be a .htaccess file here yet. <br>Will attempt to create when you add a
new user.\n";
@ht=<FILE1>;
close(FILE1);
foreach $ht(@ht){
chomp($ht);
if ($ht =~ /require/){
@require = split(/ /, $ht);
@require = reverse(@require);
$old = pop(@require);
$old2 = pop(@require);
@require = reverse(@require);
foreach $require(@require){
print "<input type=\"radio\" name=\"user\"
value=\"$require\">$require<br>\n";
}
}
}
print <<HTML;
<p><br>
<input type="submit" value="Delete" name="submit">
<input type="hidden" name="directory" value="$directory">
</form>
<p>&nbsp;
<p>&nbsp;
<p>&nbsp;
<p><br>
</form>
</body>
</html>
HTML
}
sub encrypt{
if (-e "$directory/.htaccess"){
open (PANEL, "$directory/.htaccess") || print "Can't open
$directory/.htaccess\n";
@panel = <PANEL>;
close (PANEL);
open (FILE2, ">$directory/.htaccess");
foreach $panel(@panel){
chomp($panel);
if ($panel =~ /require/){
$panel = $panel.$FORM{name}." ";
}
print FILE2 "$panel\n";
}
close (FILE2);
$newpass = crypt($FORM{password}, tnnntv);
open (PANEL, ">>$directory/.htpasswd") || die print "Can't open
.htpasswd";
print PANEL "$FORM{name}:$newpass\n";
close (PANEL);
}else{
open (FILE, ">$directory/.htaccess") || die print "Can't open
$directory/.htaccess";
print FILE "AuthUserFile $directory/.htpasswd\nAuthName
\"Access\"\nAuthType Basic\n<limit GET>\nrequire user
$FORM{name}\n</limit>\n";
close(FILE);
open (FILE2, ">$directory/.htpasswd") || die print "Can't open
$directory/.htpasswd";
print FILE2 "$FORM{name}:$newpass\n";
close(FILE2);
}
&form2;
}
sub delete{
if ($user ne ""){
open (FILE, "$directory/.htaccess");
@htaccess=<FILE>;
close(FILE);
open (FILE2, ">$directory/.htaccess");
foreach $htaccess(@htaccess){
chomp($htaccess);
$htaccess =~ s/$user\s//;
print FILE2 "$htaccess\n";
}
close(FILE2);
open (FILE3, "$directory/.htpasswd");
@password=<FILE3>;
close(FILE3);
open (FILE4, ">$directory/.htpasswd");
foreach $password(@password){
chomp($password);
print FILE4 "$password\n" unless ($password =~ /\b$user\b/);
}
}
&form2;
}