#!/usr/bin/perl
#
# change.cgi -- CGI script to update user's password.
#
# Date : 04 January 1999
# Simon Tneoh Chee-Boon tneohcb@pc.jaring.my
#
# Copyright (c) 1998 Simon Tneoh Chee-Boon. All rights reserved.
# This program is free software; you can redistribute it and/or
# modify it under the same terms as Perl itself.
#
BEGIN {
push(@INC, "..");
}
#
# CGI_LIB module used to parse form data.
#
use CGI_LIB;
#
# We need this module to add new user to the password file.
#
use HTTPPassword;
use strict;
my($cgiObj, $pwObj, $userID);
print "Content-Type: text/html\n\n";
#
# Create CGI_LIB object which contains all the form data.
#
$cgiObj = new CGI_LIB;
#
# Create the HTTPPassword object.
#
$pwObj = new HTTPPassword("../.password");
#
# After user login, we should have his ID.
#
$userID = $ENV{'REMOTE_USER'};
if ($userID =~ /^\s*$/) {
ErrorMesg("Invalid login.");
exit 0;
}
#
# Check if user has keyed in the correct old password.
# Notes: This can be checked by calling
# $obj->changeUserPassword($userID, $userNewPassword, $userOldPassword);
#
if ($pwObj->isValidUserPassword($userID, $cgiObj->{'useroldpassword'}) != 0) {
ErrorMesg($pwObj->{'errorMessage'});
exit 0;
}
#
# Make sure user has keyed in the new password and it is correct.
#
if ($cgiObj->{'usernewpassword'} =~ /^\s*$/) {
ErrorMesg("Please key in your new password.");
exit 0;
}
if ($cgiObj->{'usernewpassword'} ne $cgiObj->{'usernewpassword2'}) {
ErrorMesg("New password does not matched.");
exit 0;
}
#
# Update user's password.
#
if ($pwObj->changeUserPassword($userID, $cgiObj->{'usernewpassword'}) != 0) {
ErrorMesg("Fail to change password for user, $userID: $pwObj->{'errorMessage'}");
exit 0;
}
print <<__END__HTML__;
Success