SCMLife.com

 找回密码
 立即注册

QQ登录

只需一步,快速开始

扫一扫,访问微社区

查看: 4109|回复: 2

[求助] linux下使用CGI脚本更改svn密码报错

[复制链接]
发表于 2017-12-1 16:38:19 | 显示全部楼层 |阅读模式
大家好,centos7 下我按网上的脚本ChangePasswd.cgi  ChangePasswd.ini  ChangePasswd.log 创建了这三个文件,但是修改密码时,报原始密码错误,明明没有输入错误的。" ^/ H! V1 h/ E5 D& E
[root@localhost cgi-bin]# ll ChangePasswd.cgi
/ r) P/ [7 k( M$ V8 M9 L% c3 a3 f! s-rwxrwxrwx 1 apache apache 5957 Nov 30 17:25 ChangePasswd.cgi
6 e3 i  A" n8 W% z' z/ _[root@localhost cgi-bin]# ll ChangePasswd.ini
$ l% O1 v. y" R$ j9 f- a-rwxrwxrwx 1 apache apache 566 Dec  1 15:03 ChangePasswd.ini: I: s( y9 n; S5 i1 W( h
7 x, i" K! d% n6 u' E+ w

( v7 x* l1 e8 D0 B1 R* S  D" Q& L权限都有的,查看apache的logs也不报错,只页面提示说原始密码错误 ,不知道问题出在哪里了。请求,大家 给看看呀。。
发表于 2017-12-4 10:03:41 | 显示全部楼层
提示: 作者被禁止或删除 内容自动屏蔽
回复 支持 反对

使用道具 举报

 楼主| 发表于 2017-12-5 10:56:07 | 显示全部楼层
ChangePasswd.cgi 文件内容:
: }" R% Y1 w$ ?#!/usr/bin/perl -w
0 j; r1 H2 C. p/ t) `: T8 h6 ^use strict;* X+ L) l7 H- A& |$ W% R
use CGI;" s2 L! j5 Y5 y' |" w% S6 g
my $time = localtime;0 w1 [) a1 d% z) p
my $remote_id = $ENV{REMOTE_HOST} || $ENV{REMOTE_ADDR};' s) b- t; l) y' o5 v' ]0 G
my $admin_email = $ENV{SERVER_ADMIN};- l0 M: `. f7 M+ |8 R) g: l! H
my $cgi = new CGI;6 R2 G) F; u  i& B) I! [
my $pwd_not_alldiginal = "密码不能全为数字";
7 {- Q: S( H; \my $pwd_not_allchar = "密码不能全为字符";
& E8 n6 R. r: i0 g* G4 {* _my $user_not_exists ="该用户不存在";
2 }4 D- }3 Y; ^4 q4 l9 Emy $file_not_found ="文件不存在,请联系管理员";
+ Z: d! U) t9 smy $authuserfile;
- g% X8 B4 V8 G; C* omy $logfile;: D$ c3 e6 L+ y. n$ h
my $pwdminlen;! \1 y; _3 [% L2 w( V6 y* H- V. `) H4 X
my $title;$ ]" a/ {: R: L+ G+ \
my $description;
2 i. i" ^# a5 p; |my $yourname;
' _0 g8 x, [8 y8 }/ m$ omy $oldpwd;
# G& s- M8 f) e. W* A- z- Xmy $newpwd1;( }2 f+ A# l% w6 J( a
my $newpwd2;: h" u8 C& v. i' A
my $btn_change;
5 W! r. x$ p5 `+ h0 q8 [my $btn_reset;
8 N; k! {& v! b) K4 Omy $changepwdok;
6 A/ `' m  T2 G# Y) Nmy $changepwdfailed;0 p+ R7 w  \/ {3 ^1 o/ R
my $oldpwderror;0 w& x. [/ t  i1 ^# h" `+ R
my $passmustgreater;% Q; K5 J* Y8 N! [6 C) a
my $twopassnotmatched;/ t' a* \1 }! S: i) D  U4 E
my $entername;9 q) v( O% \; K
my $enterpwd;* `/ U. U9 m& C0 ?0 c4 U* E0 q
my $errorpwd;
& u3 ]* Z. C, w" |: ^+ }( W3 Pmy $back;
% c+ r3 G3 Z# X" q1 @ $ L' G: Q, g+ I( d  S9 _2 Z) Z
&IniInfo;  r: V9 o4 m  j# t
if ($cgi -> param())* M6 _) I) |( L- e
{#8
2 B) c) p# p0 U, `" y/ X2 omy $User = $cgi->param('UserName');$ e2 r$ S0 e8 o' r
my $UserPwd = $cgi->param('OldPwd');# m- p/ K, Z8 E/ S/ n1 ^8 T5 h
my $UserNewPwd = $cgi->param('NewPwd1');$ {; [/ L; X  L# B- R+ ^  O
my $MatchNewPwd = $cgi->param('NewPwd2');! [( _9 j4 i2 o. C' Q8 {8 V
& I" w( w' B# j
if (!$User)8 C1 e3 y( D5 T: x8 Q
{&Writer_Log("Enter no user name");* f1 x6 X6 m( }0 K% D9 Q+ N
&otherhtml($title,$entername,$back);}
9 p3 o! }. H, m% Eelsif (!$UserPwd )" O! ~) Y1 w6 D! Q% e4 h
{&Writer_Log("Enter no OldPasswd");
/ T& \  h6 v! e1 M3 J; G&otherhtml($title,$enterpwd,$back); }
7 S+ Q3 _( Y: `7 [$ uelsif (length($UserNewPwd)<$pwdminlen)
# h7 [) s, L, E5 g$ D5 N{&Writer_Log("Password's length must greater than".$pwdminlen);9 Q2 q4 U3 L) f- y
&otherhtml($title,$passmustgreater.$pwdminlen,$back);}; i2 P9 `  o* y% S
elsif ($UserNewPwd =~/^\d+$/)! z5 y6 Z0 N! m! w' B* b1 C: H+ @
{&Writer_Log("New Passwd isn't all diginal");  R! f1 Y# A4 H. R# V9 ]5 I
&otherhtml($title,$pwd_not_alldiginal,$back);}3 ?* t2 ?( H4 ?' |& Y& f0 w; L$ ~- R2 J
elsif ($UserNewPwd =~/^[A-Za-z]+$/)9 p, k% x! o6 L5 P7 k
{&Writer_Log("New Passwd isn't all char");
  H- s, t! T8 {8 R& L&otherhtml($title,$pwd_not_allchar,$back);}
' V$ `; L7 ]+ @2 ^7 h: Delsif ($UserNewPwd ne $MatchNewPwd)
1 F. g; t5 W( f- D: C' R) ~{&Writer_Log("Two new passwords are not matched");
& }* E* p% @% f* M6 |+ v$ C( a&otherhtml($title,$twopassnotmatched,$back);}! v6 r& `9 H+ v1 u: H1 z
else
3 q3 V7 D  o% n6 J2 i5 f{if($authuserfile)
7 X. n# V7 Z7 a4 x! P7 Q{#6
  Z+ j  t. }  J2 X! y" Vopen UserFile, "<$authuserfile" or die "打开文件失败:$!";/ e6 c  ]2 A) t8 B9 a& F: x
while (<UserFile>)
  m7 c, K- A" x9 W, ~{#55 A8 n9 {5 C) G
my $varstr=$_;* J- i1 `; h9 Z: N- M' L
if($varstr =~/($User)/)1 W% F$ U  \& e8 j& q
{#3
1 k6 i9 Y1 I7 D  q( Pmy $eqpos =index($varstr, ":");
5 |3 _7 x+ F% j. f/ y3 O; Imy $UserName = substr($varstr,0,$eqpos);
6 A/ p$ W) n2 c' lmy $cryptpwd = substr($varstr,$eqpos + 1,13);
9 U* S( R/ x# n! r$ f" e0 M9 B   _; z! f- n2 u( B3 I& O
next if($UserName ne $User);  f' W5 S" p9 P" l8 w

7 X+ M& F& d2 Q4 ?2 j) `2 lif(crypt($UserPwd,$cryptpwd) eq $cryptpwd)
. s) G4 l  H5 z' K& e. n9 q' D1 F4 `{#a
+ \! v# e( s, Cmy $rc = system("/usr/bin/htpasswd -b $authuserfile $User $UserNewPwd");" {1 M+ E5 a0 G' v4 \
if ($rc == 0)
4 @, |5 W7 M. ]5 L4 ]{#1
/ f, a  b0 }* J: W&Writer_Log( $User.":Change Passwd");+ `- r! B% {) s' D! E
&otherhtml($title,$changepwdok,$back);" H7 q, ?8 l  c& ~5 W3 r
}#1
" G% Y  K& |8 P( p& V- Gelse+ }8 e' r5 A! T8 ?4 H. `5 t
{#2
% s, j7 ^2 w4 T2 z9 I&Writer_Log( $User.":Change Passwd Failed");
( N4 ^3 S4 n3 D&otherhtml($title,$changepwdfailed,$back);' d" V& _* J( o& e2 V
}#2
3 t5 J* D; j# b) g1 i* ~3 `exit;
% M; k$ q% U8 W' r8 }}#a
0 }1 `' R0 S* f% N. \# h. M* Jelse5 S8 U/ M# |/ t; Z$ k  B8 w
{#b
: O9 a' y* g2 m. v. L. M9 e&Writer_Log("Old Passwd is Incorrect ");
/ P0 V" U6 l. v) D. U% v6 [+ A& v&otherhtml($title,$errorpwd,$back);$ h% t9 x4 z( f& ~, h& Y
}#b
" F; u- B3 i* m4 v% J" l: R" b( aexit;
2 h5 ]) w/ ^$ L* G}#3" F& C/ k  e1 ]$ ]  f
else$ p5 E& |! e& k: ^( |/ m9 h& ^
{#4
* j' g; g% v& V# a4 b3 Q3 Gif(eof)7 E: a  ~5 `* ^* l8 M1 s
{ &Writer_Log($User.":no this user");
9 y3 ?* o( v! f8 U0 B&otherhtml($title,$user_not_exists,$back);8 p! t+ ^7 l( }( C, T% m7 h
exit;
8 Q% h6 y, t1 e}
. j! R- U, b3 B( z" gelse+ X- t4 ]* w( y- L
{next;}
3 b9 Z- m* D4 i. b}#4
- m: W7 Y6 g. @1 W2 \6 n  Y}#5+ o, b8 U0 h* |3 ], Y. |
close UserFile;
, P" S/ [) g. H% b, Q}#6& o* P( K+ g& A" {0 s% B
else0 i+ i4 D/ W, @$ A1 N
{#75 K; Y- a# R7 \1 ^6 O# ^
&Writer_Log($authuserfile.":no found");
' Q$ [8 l, @& r' c/ K  z+ O&otherhtml($title,$file_not_found,$back);
$ ^" `4 T6 a/ O7 A: t' n' L}#7( z1 f! N7 G+ X0 I& q7 S, H
}
+ G/ m0 u- w& T}#8
) h1 z* i0 u( W$ d& U! T  `0 pelse
  N1 f; Q5 |3 J. W; I1 `( a{&Index_Html;}
5 U" h! n6 M4 a6 B  A2 P0 `. i1 xsub IniInfo{( @1 v2 J; u% h. l  j7 |0 @
my $inifile = "/var/www/cgi-bin/ChangePasswd.ini";; X( F9 B4 |! y. N7 H8 v2 v
open CGI_INI_FILE, "<$inifile" or die "打开文件失败:$!";;- a* N. E4 o. a0 V
while (<CGI_INI_FILE>)+ u( H9 k& h  o1 H* m
{
" {2 l- W9 d6 }, @  S* }  t# wmy $eqpos =index($_,'=');! M8 H0 `( q7 @# d
my $len = length($_);
5 S4 Z- ^9 F! d0 o* iif ($_ =~/authuserfile/)! v2 o' b9 ~; p, F
{$authuserfile= substr($_, $eqpos + 1, $len - $eqpos -2);}, G& e; P6 v' `1 e: U9 l5 @! }: t7 ?9 z
elsif ($_ =~/logfile/)4 f/ L" D+ Q: k3 `- }% P. |* g& z
{$logfile= substr($_, $eqpos + 1);}
. M+ ^" ]# Y/ F0 b2 k  |elsif ($_ =~/pwdminlen/)
' S( l0 u% O" V* R% O$ J{$pwdminlen= substr($_, $eqpos + 1);}
- P. Z% {3 u1 `3 ?elsif ($_ =~/title/)
! X0 H- u3 F+ O3 O% u{$title = substr($_, $eqpos + 1);}
: J. @/ O" d4 w+ }! h* ]elsif ($_ =~/description/)
) g" Z! O2 Z: q{$description = substr($_, $eqpos + 1);}* q( n3 v2 z8 H) s( }
elsif ($_ =~/yourname/); Y. U/ U" I7 R8 a/ E) P6 c
{$yourname = substr($_, $eqpos + 1);}
9 K& E* S. w2 a8 U( \+ [8 Relsif ($_ =~/oldpwd/)
  s' i+ Z! J8 }! |{$oldpwd= substr($_, $eqpos + 1);}/ y$ q5 `. H  B1 |7 X+ b. S4 e* _
elsif ($_ =~/newpwd1/)7 A* U* o2 ]5 @# h- O: T& v5 F: ^
{$newpwd1= substr($_, $eqpos + 1);}( W7 Q/ n+ k8 {) B+ C
elsif ($_ =~/newpwd2/)
, ^! j/ S; n$ P  b2 W{$newpwd2= substr($_, $eqpos + 1);}- Q$ x  h# z9 z
elsif ($_ =~/btn_change/)5 a. P8 ~, ~" m9 s* E* W3 M
{$btn_change = substr($_, $eqpos + 1);}& z  ~& l- n) g+ Z8 c" Q- C; A
elsif ($_ =~/btn_reset/)3 R+ D% u# y1 ^0 O
{$btn_reset = substr($_, $eqpos + 1);}+ W* v4 U& f4 @) c, e8 w
elsif ($_ =~/changepwdok/)- I! q! X& M4 _) b5 t, e" {
{$changepwdok = substr($_, $eqpos + 1);}' S/ N0 D) P: C4 ?" z% y) d
elsif ($_ =~/changepwdfailed/)
" Q. G* q& b) w{$changepwdfailed = substr($_, $eqpos + 1);}& h* J+ R: n( o6 |% e
elsif ($_ =~/oldpwderror/)
  O- v# T6 D7 M) |  i' k+ @{$oldpwderror = substr($_, $eqpos + 1);}
- L5 s1 V5 X8 N  q: Z8 N& ]; jelsif ($_ =~/passmustgreater/)9 j9 c) b; c, S
{$passmustgreater = substr($_, $eqpos + 1);}. ?! M, s6 V3 d
elsif ($_ =~/twopassnotmatched/)# S1 L) U7 J1 `5 p2 P! L7 e
{$twopassnotmatched = substr($_, $eqpos + 1);}
5 h3 y! W0 b' ?7 N6 P, Gelsif ($_ =~/entername/)
9 @& D' v$ D1 K( G  U/ B{$entername = substr($_, $eqpos + 1);}7 z/ Y$ p. V* T' V6 e- f- u1 }
elsif ($_ =~/enterpwd/)& K" @$ I$ ]# q1 u# g
{$enterpwd= substr($_, $eqpos + 1);}
' b2 @3 J, D0 a; ~) ]% h7 m8 Oelsif ($_ =~/errorpwd/)
& R% o  |3 i, ~) x/ ~9 v{$errorpwd= substr($_, $eqpos + 1);}& b( `2 X3 Z, T3 E0 G
elsif ($_ =~/back/)
" c9 P. G! l2 \0 J{$back = substr($_, $eqpos + 1);}  @4 `. m) }4 J; |
}
- q/ j. a  ]0 c9 A: Wclose CGI_INI_FILE;
8 `" m2 E/ c, t) g$ Z& k$ r}
; Z! [0 u  a7 f4 V- Z) Msub Index_Html' p; o9 l8 R0 h
{
! J* e! ~5 I; x4 vprint "Content-type: text/html\n\n";6 j, j) [$ K) P! [
print <<END_OF_PAGE;( y# g# r6 U- U; S' r
<html >9 `* P' O8 V( {' ]/ s8 e) ]
<head>
5 f* m  u' E- x<title>$title</title>/ j. M; [( @9 p# T- X
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />+ i* c/ T6 g, W6 m
</head>
: T1 s' p. m; m2 a- f8 E<body>. t6 V/ w* L/ \% r% G% v
<HR>4 |: U+ }; K& r; l

  j) k! Y* ]3 _9 O; b# R4 `<center><h1>$description</h1>( R+ Q0 t; u5 @- u
</center>
/ l5 S  R+ ?& i# r8 b% |# ]<form method="POST" enctype="multipart/form-data" action="/cgi-bin/ChangePasswd.cgi">( X: r8 C$ h2 K$ l) V, I2 b
<br>
9 y7 X; w' v/ s2 u: v. @<TABLE align="center">& J0 f$ g% x% e( T: S
<TR><TD class="t_text">$yourname</TD><TD><input type="text" name="UserName" /></TD></TR>
" k8 K% s* [; a/ P<TR><TD class="t_text">$oldpwd</TD><TD><input type="password" name="OldPwd" /></TD></TR>
2 L% z3 Z3 I$ \8 n% I' y% y4 n5 {<TR><TD class="t_text">$newpwd1</TD><TD><input type="password" name="NewPwd1" /></TD></TR>
% i) E# {! E  X9 p<TR><TD class="t_text">$newpwd2</TD><TD><input type="password" name="NewPwd2" /></TD></TR>
' [  z4 R6 m7 m- k</TABLE>
8 r- W8 b' M! L, _! d<br>9 C+ q7 G6 {* k! D
<TABLE align="center">
! m' g( ]& y" D" G6 V$ _<TR><TD><input type="submit" name="chgpasswd" value="$btn_change"> <input type="reset" value="$btn_reset"></TD></TR>/ o# i, s& `' t( D3 X0 }
</TABLE>
1 d. o5 E% z7 i9 _) {2 }</form>
1 L( G+ C+ w' v; l& U) _; R0 G<HR>: r* s* P" j# W/ D3 E8 `% I$ n
<center><font color="#FF0000">注意:新密码位数必需大于$pwdminlen,且为字母与数字组合</font>
" A8 l3 |# z; a$ I- W2 W</body># g  l0 d8 J+ x: \* q3 G, c  @
</html>& j* H3 H: c' w& `/ b4 X$ d
END_OF_PAGE0 w4 f; M" R  {" B: x7 @4 c
}
3 X4 i, F; H$ P+ \  zsub otherhtml{
1 L9 k9 m( O1 {( Vprint "Content-type: text/html\n\n";9 O1 S9 c( ^$ Z+ Z! i6 \2 }
print <<END_OF_PAGE;
8 H2 _) e/ g9 x" Y. C2 z7 m! {<html>
% b/ D7 m! c+ }8 T3 R9 P<head>
/ X* ]" [" J& J) r; ?! T<meta http-equiv="Content-Language" content="zh-cn">4 p, S* @1 ^* z- `# g# O
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
7 o/ T( M7 o8 C6 o- t( S<title>$_[0]</title>  J/ N' x) Q9 P3 N7 @' ~
</head># r# ^: e) D1 ?! F/ k) I# \
<body>
4 y. U3 W7 K9 L4 |! ^<p align="center"><font size="5">$_[1]</font></p>* a! Y% F; T# m7 p! L
<p align="center"><a href="/cgi-bin/ChangePasswd.cgi"><font size="4">$_[2]</font></a></p>0 z6 T; ?7 w: i: A9 P4 @" d8 V
<HR>2 y7 ^. j  y+ \
<center>& D6 P2 W8 `% p: ^
<P>如有问题请与管理员联系E-Mail: <A HREF="$admin_email.
5 }0 a4 P8 ?6 P4 R" o) Rmailto:$admin_email">$admin_email</A>.</P></center>; W8 ]  j, D( r* f9 B* ^
8 y* z- u( ]. m1 e+ t8 T, A
</body>
8 \3 s7 v% X) L7 f" O  l5 c! A  ; F2 w/ [0 s" l: J- Z' u
</html>
5 Z5 A4 L8 R6 \1 N. Z3 ]5 WEND_OF_PAGE! {/ ~: v4 H+ A
}6 f; e* B# x0 q3 P$ x& Q
sub Writer_Log{
) [/ l! z% S7 W( X! @. jif($logfile)6 i5 [, u. H9 f
{
6 Y1 D2 W9 k. o% t% w  }) @+ Pmy $loginfo ="[".$time."] "." [".$remote_id."] "." || ".$_[0];
2 d3 \& \" B8 sopen LOGFILE,">>$logfile" or die "Couldn't open LOG FILE for writing: $!";
) Z: g# f2 W$ Y1 Z$ P' Hprint LOGFILE ("$loginfo\n");2 G. X! \. f0 S. }% |3 K# O7 x
close LOGFILE;4 D& k1 }9 t+ X% ~0 f! k
}
5 ^# x, l2 {5 x' U8 L}
" c% _% r' B8 z( s' B3 g
3 [! i  n7 ~: J: A3 n/ ]( rChangePasswd.ini:文件内容
8 ?9 E" ]# [+ q+ c[path]+ }8 @! n% _/ P' u2 R7 E
authuserfile=/data/svn/passwd
' g3 I" m( D1 s, [3 T- Llogfile=/var/www/cgi-bin/ChangePasswd.log, z/ ~# }  E  T3 s6 o' m6 Q' H
[setup]
" X+ a# r$ o' Y7 Rpwdminlen=6
/ A& ?2 Q3 d! h0 V[html]
- g& y/ Z" P6 d2 Z! D) r" ?* ztitle=SVN用户密码自助修改: Y3 S) \% o0 w& D
description=SVN用户密码自助修改7 p/ ^" a, k. |2 l
yourname=用户名:" t' E+ _& k$ x; [1 F1 L. o. E
oldpwd=旧密码:
# ^! ^4 Y0 H+ C5 b4 \. A! _newpwd1=新密码:  T( Q6 h% n9 ?- c, I7 Q# J
newpwd2=确认新密码:6 t3 P/ I0 k6 F% H/ {6 g: G$ |
btn_change=修 改$ D6 q% Q$ l( u. s' I/ \
btn_reset=重 置
6 Y4 E0 u  V" k) j9 T* cchangepwdok=修改密码成功
8 W: y5 C: k1 r: F3 Fchangepwdfailed=修改密码失败
; ~' l9 _" [, v$ d& E. p+ zservererror=服务器错误7 l3 F5 q/ t8 \, f1 z7 g( F
passmustgreater=新密码位数必须大于$ E* B$ w: Q) {* c1 p* C' s
twopassnotmatched=两密码不一致% b' n9 x6 d! U. w/ ^, ]* q* s
entername=请输入用户名% |* ~; M/ V" L% E9 h
enterpwd=密码未输入: E/ Q7 a- I5 c$ z7 t5 B
errorpwd=你的密码不正确/ O4 L) M2 X4 z0 i) V
back=返回
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

关闭

SCMLife推荐上一条 /1 下一条

QQ|小黑屋|手机版|无图版|SCMLife.com ( 京ICP备06056490号-1 )

GMT+8, 2021-1-26 19:41 , Processed in 0.059358 second(s), 7 queries , Gzip On, MemCache On.

Powered by SCMLife X3.4 Licensed

© 2001-2017 JoyShare.

快速回复 返回顶部 返回列表