SCMLife.com

 找回密码
 立即注册

QQ登录

只需一步,快速开始

扫一扫,访问微社区

查看: 1963|回复: 2

[求助] linux下使用CGI脚本更改svn密码报错

[复制链接]
发表于 2017-12-1 16:38:19 | 显示全部楼层 |阅读模式
大家好,centos7 下我按网上的脚本ChangePasswd.cgi  ChangePasswd.ini  ChangePasswd.log 创建了这三个文件,但是修改密码时,报原始密码错误,明明没有输入错误的。
, p( Y' V) T/ P3 D[root@localhost cgi-bin]# ll ChangePasswd.cgi
! t5 x8 |3 c0 l- I" k: v- `: p1 ]-rwxrwxrwx 1 apache apache 5957 Nov 30 17:25 ChangePasswd.cgi
0 C9 t6 S& y! ]5 {- x9 o[root@localhost cgi-bin]# ll ChangePasswd.ini % t9 z' x( k4 q% }5 V
-rwxrwxrwx 1 apache apache 566 Dec  1 15:03 ChangePasswd.ini7 {* y; p$ |* f" k, [$ B% C& Q
. D/ I6 {7 M4 k8 r! {2 k1 O
. E/ X, j" Z  ]) g% ~1 T* \" T
权限都有的,查看apache的logs也不报错,只页面提示说原始密码错误 ,不知道问题出在哪里了。请求,大家 给看看呀。。
发表于 2017-12-4 10:03:41 | 显示全部楼层
提供的信息太少,没办法回答啊。
回复 支持 反对

使用道具 举报

 楼主| 发表于 2017-12-5 10:56:07 | 显示全部楼层
ChangePasswd.cgi 文件内容:
+ B, q( R* {8 f& Z  }1 ~/ F1 w#!/usr/bin/perl -w
  N  r$ K1 s, `% }1 [# `use strict;1 C* g( R% ~! o, g, @/ P0 v5 m
use CGI;" ^" z) A4 h) n) O2 m
my $time = localtime;
5 a, U- G, ^2 B% e$ Kmy $remote_id = $ENV{REMOTE_HOST} || $ENV{REMOTE_ADDR};
6 V1 v& s7 h$ {% Kmy $admin_email = $ENV{SERVER_ADMIN};
$ e, \8 K6 _6 y% ymy $cgi = new CGI;8 P' l$ B# ]$ R% D% N6 ]
my $pwd_not_alldiginal = "密码不能全为数字";
) |" g6 }" ^" J7 n# u3 j( W+ Mmy $pwd_not_allchar = "密码不能全为字符";. ~; W& h( @/ N5 q+ o! F& M$ F8 V& v
my $user_not_exists ="该用户不存在";
& x" D4 g7 j: M1 n0 ymy $file_not_found ="文件不存在,请联系管理员";
' u3 \7 b! m; a- Omy $authuserfile;
& b- p7 b9 Q4 P" C. Amy $logfile;5 t+ }( E- v$ v2 Q
my $pwdminlen;
  y  x* V: P: e# u. p3 R% R6 Lmy $title;$ R2 G3 p  l! b8 h5 ^
my $description;
, f' C. H' v% xmy $yourname;
) a* S$ T5 D( d; `4 smy $oldpwd;0 n, p& B( ^( V- X4 K6 L
my $newpwd1;+ C5 s- e4 S- {  S' N5 w$ ^1 y
my $newpwd2;
0 G) N* f. q  q1 G( F- |my $btn_change;) N' x% _! U: H+ A) d
my $btn_reset;4 K5 k- z& |1 Q$ {
my $changepwdok;* e8 r, r2 q, K
my $changepwdfailed;  j# v; C: ~* w6 r. A9 Y
my $oldpwderror;
. @6 Q$ g4 z6 ?8 F! Q# wmy $passmustgreater;
. L1 u0 B6 |: X: wmy $twopassnotmatched;
0 p6 ?( @, v" a/ a% R0 s1 jmy $entername;
0 D$ Q' x0 U: _; K, z. k! Vmy $enterpwd;
  v1 @; V' X1 e# Omy $errorpwd;
" `5 [1 q$ Z) w1 v* B( Dmy $back;& k& o3 S0 {. {7 {3 K: Z5 R+ S
( B- Q& @; k6 @9 N& l# D
&IniInfo;
4 u" [9 ~0 U$ f. ?' b/ j  Kif ($cgi -> param())( t, ], D+ g& B+ c
{#8
) r0 X; k/ j9 D* F! A: q1 ^my $User = $cgi->param('UserName');
2 ~  L  r8 a' Z0 i; A3 m: }my $UserPwd = $cgi->param('OldPwd');( q; T. c$ S! o/ x% |
my $UserNewPwd = $cgi->param('NewPwd1');
# ~$ O* J3 F; C$ Y4 `2 M2 zmy $MatchNewPwd = $cgi->param('NewPwd2');
" U0 W0 r6 j6 p" t6 l7 e
" T9 s" W4 S! R& |- |( a7 o1 Cif (!$User)
, b/ W3 Y6 u/ P4 F1 w) o{&Writer_Log("Enter no user name");
: x  T) {2 `# c+ k: Z&otherhtml($title,$entername,$back);}
6 e3 ^( v" m! L  u( Uelsif (!$UserPwd )
) Z8 {5 a/ X( Y, z( V{&Writer_Log("Enter no OldPasswd");6 d4 S2 n) P6 ~0 E( Y2 m
&otherhtml($title,$enterpwd,$back); }
+ l; n1 t! J8 i) P" o) Q' p) melsif (length($UserNewPwd)<$pwdminlen)- |0 y4 t5 O, G( s0 c0 {1 K
{&Writer_Log("Password's length must greater than".$pwdminlen);& N: H% b8 ]  W; t$ o1 S
&otherhtml($title,$passmustgreater.$pwdminlen,$back);}1 m7 \4 V# R: @1 O/ t  J% p
elsif ($UserNewPwd =~/^\d+$/). ~" c+ r# H- f( c
{&Writer_Log("New Passwd isn't all diginal");: t1 L1 o" E4 G
&otherhtml($title,$pwd_not_alldiginal,$back);}
' |1 C. O8 W7 @6 ^6 A" s$ Delsif ($UserNewPwd =~/^[A-Za-z]+$/). {& `) X' l8 r! s8 R# V
{&Writer_Log("New Passwd isn't all char");$ p) s$ n5 s& Q) r
&otherhtml($title,$pwd_not_allchar,$back);}' H# v/ E* [5 E; e' h! Y& D  ]# `( S
elsif ($UserNewPwd ne $MatchNewPwd)
+ ^  i6 v, p  c: _" ~* l{&Writer_Log("Two new passwords are not matched");; i) Q0 i0 s$ V$ ^
&otherhtml($title,$twopassnotmatched,$back);}, [' Q8 k" C( G
else! W7 Q: Z3 `" `3 d2 H
{if($authuserfile)8 ]) p% e$ O' j# ^2 v9 d
{#65 H) k' q6 [- e6 K
open UserFile, "<$authuserfile" or die "打开文件失败:$!";1 F% |: ~% s3 R( i: w) l! _
while (<UserFile>)! e9 m( p+ D5 j& c, O$ {
{#5' i& T9 G5 l  [# k" b7 k
my $varstr=$_;) W* ?  ?7 x+ u9 n7 r1 {6 D0 R$ W
if($varstr =~/($User)/). d. ^% q* n" k. p" J7 {
{#3
1 c& H  w+ j  c$ B+ ^5 `# kmy $eqpos =index($varstr, ":");
4 O1 s7 G4 \; b( w  gmy $UserName = substr($varstr,0,$eqpos);
. w6 I4 P3 d# zmy $cryptpwd = substr($varstr,$eqpos + 1,13);
+ \3 E5 N1 ~! K
9 j- G0 k, @# O! K: v( U5 Unext if($UserName ne $User);) n5 a3 A' c! M6 I' N

5 Z- F/ {4 K0 x0 tif(crypt($UserPwd,$cryptpwd) eq $cryptpwd)- X# ]; r/ r" d: X# O
{#a' ]3 j' ^  O* z0 n2 G2 C
my $rc = system("/usr/bin/htpasswd -b $authuserfile $User $UserNewPwd");: Z2 C& |* G9 e+ d" ?8 d* F! d
if ($rc == 0)# o* Q& \. C4 K. d0 L
{#16 V  _( g: \1 p% y1 q( E0 w, ~! a
&Writer_Log( $User.":Change Passwd");5 b7 U, ~. E0 j2 X4 G$ R" B
&otherhtml($title,$changepwdok,$back);
* ]- j+ A* A( X4 n  Z}#1
" x9 |! y: ?- v$ @else1 @- C4 ]7 q$ U. q) x
{#2
1 r) [% p' J( `" p&Writer_Log( $User.":Change Passwd Failed");
8 y9 f5 t) A6 j- z  T&otherhtml($title,$changepwdfailed,$back);
. C5 r9 B# l" O) s/ g7 S$ |}#26 G  c& A/ J; J" o4 N# ^
exit;  h8 h7 _0 x9 N' G. V
}#a0 b7 K. ^# t- r
else# `6 ^& s. O4 F% j2 x5 o
{#b
# A, s7 C3 ?  y6 V+ y3 O&Writer_Log("Old Passwd is Incorrect ");
0 W6 b" Y3 P/ @0 u1 o$ w&otherhtml($title,$errorpwd,$back);
$ W  Q4 b/ h$ E) u: t}#b
% I  y, r5 h* Yexit;
) ~: j3 \3 J& v}#3' r) l5 t" ?. l6 d9 [8 t1 }0 D* Z! B
else. ~+ r' J! E4 b+ o/ ^& E- h5 x
{#4
$ O3 t4 Z3 {  q* R# ^- O! Bif(eof)( A, x6 z3 e% K" g
{ &Writer_Log($User.":no this user");
* t2 i9 J4 J6 @' K&otherhtml($title,$user_not_exists,$back);& R, ^, `9 l0 G7 x7 @! n
exit;
4 P3 x' B% y' w}
, l3 d, K  H8 Z3 k  J- j6 yelse' y( d9 S$ M( R' u. J3 j
{next;}/ m, p* f* l8 \+ J
}#4
. Z9 |% c2 S( y% D5 z% R! s}#5
' ]0 U2 `# I# z( m3 B5 nclose UserFile;
) U4 H9 `" Q. Q% u2 C: @}#6
8 U. U2 T; H5 V" I2 Q, a' \+ y* }9 Delse5 E) f) G1 `7 k) {" n
{#7
$ H0 ?. c& q0 i" I6 b6 D&Writer_Log($authuserfile.":no found");8 P0 C3 |2 S+ |" M5 X8 v
&otherhtml($title,$file_not_found,$back);1 a$ t  s: B: w, j, n# B! m
}#7  K' K% V5 B  \
}
( @- @, z+ Z  f}#8- L8 J  ?9 n. @1 b- B: N# ]7 W& K
else- ?! x4 |6 ]! E8 A4 z+ W* }7 s
{&Index_Html;}  b- Q: h  Z# T  s$ i- m3 N5 T! h
sub IniInfo{  r' T( q" s' D, m* t
my $inifile = "/var/www/cgi-bin/ChangePasswd.ini";
2 h/ [: a+ p8 o  T! ]/ g! R+ [open CGI_INI_FILE, "<$inifile" or die "打开文件失败:$!";;0 x. k/ j" J6 J" g, }* J5 O$ ^5 l
while (<CGI_INI_FILE>)
) n3 t% V" J* Y7 t* c' u, H5 m{/ I/ K$ q( V8 t# k6 d& z( Y9 M# y5 v" Z
my $eqpos =index($_,'=');6 t# n7 A% D! N# G/ M. x/ h1 Q+ W$ @9 W
my $len = length($_);5 v$ Z: G4 R/ E6 G8 M, |0 `
if ($_ =~/authuserfile/); D1 \: X/ x: s0 Q/ e  T* d
{$authuserfile= substr($_, $eqpos + 1, $len - $eqpos -2);}- t7 g: T7 n7 `1 @" R
elsif ($_ =~/logfile/)! P5 s) C9 }# F! R
{$logfile= substr($_, $eqpos + 1);}# H; o3 d8 c5 F! `7 O# I; o: m! R( a
elsif ($_ =~/pwdminlen/)- @& V* v+ A4 U$ l( B
{$pwdminlen= substr($_, $eqpos + 1);}/ n; K7 z2 A) D# n$ Y& a% E
elsif ($_ =~/title/)
0 j  ~2 N9 {( I{$title = substr($_, $eqpos + 1);}
9 ]& f' _7 j1 {* L' R5 P0 _; \+ K$ Oelsif ($_ =~/description/)
1 B! S0 o# U1 h  _% I8 Y8 X{$description = substr($_, $eqpos + 1);}' w% j7 b+ v, \( K- @
elsif ($_ =~/yourname/)
* m4 _7 s* \; B) r3 H9 O0 f8 _{$yourname = substr($_, $eqpos + 1);}
9 |9 b7 |, o! f6 I3 {( w* ^elsif ($_ =~/oldpwd/)9 \* G; a# C* O! k# @
{$oldpwd= substr($_, $eqpos + 1);}
" V+ a$ S; Y; r1 y0 ^elsif ($_ =~/newpwd1/)# h3 K1 ?; i; U+ L4 D' W' i0 B
{$newpwd1= substr($_, $eqpos + 1);}, P) W! P5 i/ J! Q9 U6 E& @
elsif ($_ =~/newpwd2/)% i3 ?: Z2 f9 ?" q  U8 N  Y) V
{$newpwd2= substr($_, $eqpos + 1);}$ g/ X- u% ~1 \4 w0 H
elsif ($_ =~/btn_change/)' j8 M7 ^; i  F/ r+ y
{$btn_change = substr($_, $eqpos + 1);}$ q' d6 E5 t" W' I; Z4 W" b9 o
elsif ($_ =~/btn_reset/)
6 A4 k" d! R; t: ^! g: B6 F{$btn_reset = substr($_, $eqpos + 1);}# w7 h+ F) ?/ U, J; H1 ?. n$ P0 \
elsif ($_ =~/changepwdok/)
6 W6 D- E  d  _0 a6 _( V; d1 c{$changepwdok = substr($_, $eqpos + 1);}( d7 S$ B) e3 P: |0 ~$ b; {$ g
elsif ($_ =~/changepwdfailed/)5 N. j+ Y; _# ?) S1 X
{$changepwdfailed = substr($_, $eqpos + 1);}* J1 h, `& Y3 m9 h5 x9 \- u$ j; Z3 s
elsif ($_ =~/oldpwderror/)
3 Q1 Y* l9 _+ }: n* y/ }{$oldpwderror = substr($_, $eqpos + 1);}
7 ?+ q2 I' F/ e! \. ?elsif ($_ =~/passmustgreater/)
  c7 Q: H* X1 \% f# y{$passmustgreater = substr($_, $eqpos + 1);}" d! M; t: ^( p% W. p
elsif ($_ =~/twopassnotmatched/)
/ f, \) d. Z% i" G5 G$ G2 T+ F# S{$twopassnotmatched = substr($_, $eqpos + 1);}: a7 X- B  @8 p* S* z! A* V* e
elsif ($_ =~/entername/)
4 H' o2 \1 P0 W1 n* I{$entername = substr($_, $eqpos + 1);}
" e- S. Y- Y$ ^0 v. b9 P6 L/ ]$ helsif ($_ =~/enterpwd/)5 I* _  }: ^6 K. R
{$enterpwd= substr($_, $eqpos + 1);}
6 d0 r) k1 E* y% o6 i, n. c& pelsif ($_ =~/errorpwd/)6 L& B3 q: k6 I  f
{$errorpwd= substr($_, $eqpos + 1);}
! R$ ?5 n9 `9 K4 yelsif ($_ =~/back/)
4 r, o0 [$ M/ Z. y, D$ w! [( Y{$back = substr($_, $eqpos + 1);}% y1 Q0 u! Q! m0 c/ [
}
! @2 j5 d  y8 a0 L4 bclose CGI_INI_FILE;5 D3 L  F7 k- X% e, `/ |
}" s* x8 V! l4 M' ~
sub Index_Html
. n' K8 r2 z) I{
3 x4 G, _1 F( I) `  _  t5 vprint "Content-type: text/html\n\n";
, I0 ]% @$ k$ W1 Jprint <<END_OF_PAGE;
$ {- H" E8 l2 t<html >
9 `* k# u) }6 x: f# W8 v<head>
" m  X$ d& l% ?- E+ d<title>$title</title>
( R" @$ N: n+ v6 y3 h! {<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
* X8 u5 {6 @3 n' {1 x# E+ {</head>. h( u  b  o, g1 z  s
<body>+ w! T; v3 j6 t  y0 }/ \
<HR># q9 g5 P5 g" ]0 G3 |$ ^

, J7 ~" o: x/ S" |5 d<center><h1>$description</h1>/ j. s2 X. `1 }( V" W
</center>
; N3 z5 }8 S* r( t. }<form method="POST" enctype="multipart/form-data" action="/cgi-bin/ChangePasswd.cgi">
4 H2 w/ \' A. m' E<br>" D, Z  _8 B, Y( Z* V# q3 a/ A
<TABLE align="center">
( y1 D6 h( p5 I, N$ W) q. O<TR><TD class="t_text">$yourname</TD><TD><input type="text" name="UserName" /></TD></TR>$ |# o- m: A$ R% R; q9 u& x
<TR><TD class="t_text">$oldpwd</TD><TD><input type="password" name="OldPwd" /></TD></TR>2 |+ W, c! o- Q' z1 Y6 H/ {
<TR><TD class="t_text">$newpwd1</TD><TD><input type="password" name="NewPwd1" /></TD></TR>  Z* r; }4 V2 J( R1 M3 K/ D
<TR><TD class="t_text">$newpwd2</TD><TD><input type="password" name="NewPwd2" /></TD></TR>
* G5 H6 L3 |$ l3 g; ~2 \</TABLE>
. Y# W1 V1 {( m' n9 Q<br>
) C7 g/ ]# E: O! L5 z/ T<TABLE align="center">
& {! c' a7 S- ?3 y<TR><TD><input type="submit" name="chgpasswd" value="$btn_change"> <input type="reset" value="$btn_reset"></TD></TR>
! q4 [, D% F+ v7 t8 M+ v7 |) t. C6 m</TABLE>' l: p- V6 [& `3 w
</form>$ f  \! m, Z2 c! t7 H
<HR>
, A9 v* j% S  j+ D% ?' H<center><font color="#FF0000">注意:新密码位数必需大于$pwdminlen,且为字母与数字组合</font>
7 ~1 B' O; X8 T$ j: a% u% i</body>
; M" ~+ p6 D* [</html>6 m2 }' v5 z" d7 w
END_OF_PAGE/ b( Z+ n+ k* w
}/ a6 r0 I& O! U' w' W
sub otherhtml{
8 b! ^  t+ b$ b; c# e: I6 zprint "Content-type: text/html\n\n";# l' O; F5 U$ r1 Y/ Q- \
print <<END_OF_PAGE;  c/ A" U9 `1 V$ O# ?3 N% F
<html>
3 O+ q. ~" K( h7 W3 }1 p- T  D<head>
- I) O5 u! f7 J1 |<meta http-equiv="Content-Language" content="zh-cn">$ _& m- G1 J- C$ ~- t7 n
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
! }" x& O8 G( O+ A<title>$_[0]</title>
2 f5 P" k) X  F! y  P4 ]0 R9 C</head>( F3 _8 X5 a! k# V3 _) h
<body>' u  n( j9 Z5 D$ w
<p align="center"><font size="5">$_[1]</font></p>
* E* o  |7 N6 ]7 f<p align="center"><a href="/cgi-bin/ChangePasswd.cgi"><font size="4">$_[2]</font></a></p>
: U+ G, K! d0 m1 l, s( q2 e1 F$ w<HR>
3 ^. j9 y. y7 F$ i" X7 [! x<center>
& j: i4 A  I1 |7 `+ u* D/ G<P>如有问题请与管理员联系E-Mail: <A HREF="$admin_email.% C$ G, z+ F0 h
mailto:$admin_email">$admin_email</A>.</P></center>
" A7 p# j$ _/ h. a
2 K  O" ]* U& `9 k</body>
- y4 N  V# d" J; E  - P* Q% V1 x" \) U7 L
</html>: ?- o8 F! r( c% \& B% r9 l( T
END_OF_PAGE
; l, {9 k' ?& x' f9 }3 k, z5 U}2 j1 k# G6 [$ k% n& [. D
sub Writer_Log{
. d/ K9 Z" I% Aif($logfile)) b0 E3 A% ~' @3 f5 b3 {- @
{
7 |" v2 X" P, |8 ~my $loginfo ="[".$time."] "." [".$remote_id."] "." || ".$_[0];& c6 x/ Z# u0 k7 e
open LOGFILE,">>$logfile" or die "Couldn't open LOG FILE for writing: $!";- J5 S' T5 e  ]. d& v  t% U
print LOGFILE ("$loginfo\n");
2 a( x/ f" r4 Uclose LOGFILE;
! X3 }$ [: T. ^1 N2 g}) C; \' R" e- W0 a6 {: j
}! e- W  ?8 ~' L

8 k" V; Q- i2 z' J! A% W" V  AChangePasswd.ini:文件内容
2 Y  p- t4 ^3 i: [9 i$ |[path]0 s5 S( f7 \4 ^/ Z
authuserfile=/data/svn/passwd
0 Z0 t6 B% i) t9 b. n  P6 G: U2 ~logfile=/var/www/cgi-bin/ChangePasswd.log
$ D$ u$ M: t, b8 Y[setup]  O9 r' @: I9 y' c- Y
pwdminlen=6$ P* E, c, Y2 x( l3 O
[html]
$ i' w- j) L5 j# w9 i, {6 Ftitle=SVN用户密码自助修改
1 @- r  T! q$ o4 _9 jdescription=SVN用户密码自助修改
" ^, i* L6 s8 l2 ]# l+ W1 D+ lyourname=用户名:
9 I5 P# [# p2 s9 A2 \2 b: [oldpwd=旧密码:
8 a; F) Q8 X$ x1 W7 c6 Inewpwd1=新密码:
0 G  j2 w% P" u) F) J( E2 ~newpwd2=确认新密码:: w" H' x/ X0 j- l6 r, O
btn_change=修 改
2 p" e5 Q8 |1 z9 O- v3 P# Obtn_reset=重 置
- A% N7 P3 s- y* Echangepwdok=修改密码成功
2 ?0 O' S& z$ {  Ichangepwdfailed=修改密码失败/ M+ ^, |$ ^2 N- {3 Q) Y3 ?
servererror=服务器错误
" }7 a0 x- t  m1 bpassmustgreater=新密码位数必须大于$ n& j6 o7 L6 J3 G+ |+ q2 e
twopassnotmatched=两密码不一致
- N& a' I: a0 F$ d/ p, C3 \" ]entername=请输入用户名6 I7 ?) P6 ~+ N7 r; {- I
enterpwd=密码未输入2 f9 F# A; {$ A$ v1 l6 [
errorpwd=你的密码不正确7 o  D! Y) Y+ N& T
back=返回
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

关闭

SCMLife推荐上一条 /4 下一条

QQ|小黑屋|手机版|无图版|SCMLife.com ( 京ICP备06056490号-1 )

GMT+8, 2018-6-24 15:24 , Processed in 0.064249 second(s), 6 queries , Gzip On, MemCache On.

Powered by SCMLife X3.4 Licensed

© 2001-2017 JoyShare.

快速回复 返回顶部 返回列表