SCMLife.com

 找回密码
 立即注册

QQ登录

只需一步,快速开始

扫一扫,访问微社区

查看: 3154|回复: 2

[求助] linux下使用CGI脚本更改svn密码报错

[复制链接]
发表于 2017-12-1 16:38:19 | 显示全部楼层 |阅读模式
大家好,centos7 下我按网上的脚本ChangePasswd.cgi  ChangePasswd.ini  ChangePasswd.log 创建了这三个文件,但是修改密码时,报原始密码错误,明明没有输入错误的。
, @+ D9 K8 |( V) l, G: b" c- ]" L[root@localhost cgi-bin]# ll ChangePasswd.cgi + S, s' f# c" s; i
-rwxrwxrwx 1 apache apache 5957 Nov 30 17:25 ChangePasswd.cgi
  Y8 d+ c& Z* T; {% e5 v, y[root@localhost cgi-bin]# ll ChangePasswd.ini , `( k/ m& l2 m  I# [5 {
-rwxrwxrwx 1 apache apache 566 Dec  1 15:03 ChangePasswd.ini
) ^# \7 T! X3 h( x2 \
% c( }0 G; L" i! [$ l: o2 A& }) l! r3 q$ T0 l3 n$ g
权限都有的,查看apache的logs也不报错,只页面提示说原始密码错误 ,不知道问题出在哪里了。请求,大家 给看看呀。。
发表于 2017-12-4 10:03:41 | 显示全部楼层
提供的信息太少,没办法回答啊。
回复 支持 反对

使用道具 举报

 楼主| 发表于 2017-12-5 10:56:07 | 显示全部楼层
ChangePasswd.cgi 文件内容:; \- p  |$ M; q6 R4 U+ u; \8 C
#!/usr/bin/perl -w
- n9 d/ g5 C: ]5 c$ C' ?use strict;2 N; h$ T% H4 P0 i4 {
use CGI;0 [# U+ [. \0 M* h/ l9 B
my $time = localtime;9 Z# K' L  o! k& p4 m) o8 V
my $remote_id = $ENV{REMOTE_HOST} || $ENV{REMOTE_ADDR};
- j+ S' S- J" t. j6 I. }2 X+ i( Dmy $admin_email = $ENV{SERVER_ADMIN};
+ N( j4 |0 f- W; q6 rmy $cgi = new CGI;
6 N2 ~/ Z2 r6 B% _( q$ f& Imy $pwd_not_alldiginal = "密码不能全为数字";
8 m1 G% h- d# _; g3 `8 |4 Gmy $pwd_not_allchar = "密码不能全为字符";. {0 [5 H4 g+ @- E. F) Z. n7 p' f
my $user_not_exists ="该用户不存在";, a8 H3 I) z7 p- d3 C4 v! N, j
my $file_not_found ="文件不存在,请联系管理员";
' f" }0 @9 C0 N: K( }8 [6 amy $authuserfile;8 [* Q) _8 ?- q4 r0 M
my $logfile;
* }5 M# }) W/ Y- N2 {) B) tmy $pwdminlen;
* H( s  u2 i7 q2 Pmy $title;: F1 G2 P* U! x+ A
my $description;
4 y3 O2 A( d" n; s3 ]; X2 f* lmy $yourname;" z! r1 Q0 B) b
my $oldpwd;
7 k! ?9 }1 l0 i: F- j: l: smy $newpwd1;
5 t7 s" S) P% @/ hmy $newpwd2;
- {: e3 Q% w+ S) h0 U8 Cmy $btn_change;( L( P2 W- d, Y. W4 S2 D; A6 ~6 ?
my $btn_reset;
7 a. Y3 w' S" A% o+ Jmy $changepwdok;
; k9 i" H# S% y  i3 a' T9 ^; ymy $changepwdfailed;
! A, L( ]2 W7 ^, O: c, `+ U2 T$ y9 lmy $oldpwderror;
& q; D/ a9 q8 Z  j8 g. U, \my $passmustgreater;
9 p+ }0 @5 p& }my $twopassnotmatched;
+ b6 Z- ]% o' V; H4 P4 }my $entername;9 F# d1 V; Z5 `8 S
my $enterpwd;3 w6 ?0 @$ @, ~( N, ?
my $errorpwd;
5 L: n, \5 s( p& X8 rmy $back;/ V7 B$ d% u* _

( X" H4 }  R6 R: }, j&IniInfo;+ D2 g# S4 ^* b/ z6 Y
if ($cgi -> param())
8 d  s1 X# H2 h! P" @9 M2 k{#89 p  U( o0 t, F0 S' I- I
my $User = $cgi->param('UserName');
) r' ~# G* X2 w' X( j. C5 V5 u3 a3 }my $UserPwd = $cgi->param('OldPwd');
5 M& K8 U- ?/ U; _" u4 {3 m8 Wmy $UserNewPwd = $cgi->param('NewPwd1');
5 y. }" q+ ^# w* amy $MatchNewPwd = $cgi->param('NewPwd2');  J3 y3 X" |. B! t7 @% ^
0 m, J) L  ]$ W1 X
if (!$User)
( D3 K3 v5 x& S1 n3 y4 j9 M. N{&Writer_Log("Enter no user name");
0 Y' a% C4 b' }+ f&otherhtml($title,$entername,$back);}5 D* H# K. ^# U! ?) @0 R# L
elsif (!$UserPwd )
" B0 R* l, f; K% r/ e: l{&Writer_Log("Enter no OldPasswd");% t' ~0 U7 K5 D) E7 X* u
&otherhtml($title,$enterpwd,$back); }
5 I4 B0 b3 {# `$ L  l2 Qelsif (length($UserNewPwd)<$pwdminlen)5 C; t( g9 Q. @% ?) A+ I
{&Writer_Log("Password's length must greater than".$pwdminlen);5 A4 ?5 e6 W7 q8 V
&otherhtml($title,$passmustgreater.$pwdminlen,$back);}
; n: p: {. {+ l9 H2 b; Welsif ($UserNewPwd =~/^\d+$/)
" ^$ K' U4 y4 W5 R  B8 J& P. A{&Writer_Log("New Passwd isn't all diginal");: b- O5 S2 u5 ^! U, T' H3 K3 P) ~" u
&otherhtml($title,$pwd_not_alldiginal,$back);}; f8 Y0 k! g/ a+ I1 K3 T
elsif ($UserNewPwd =~/^[A-Za-z]+$/)
( Y: s: ?4 p4 F- z: x- G9 ?! t{&Writer_Log("New Passwd isn't all char");9 o; d# p! b* E# C% C
&otherhtml($title,$pwd_not_allchar,$back);}8 L5 j1 |! f7 v  Z8 B% a, t% H
elsif ($UserNewPwd ne $MatchNewPwd)
( G: t7 D) U/ x5 F* J; H, @' U{&Writer_Log("Two new passwords are not matched");
: F$ ^8 j. E. T9 ^; Y, @/ \2 `+ U&otherhtml($title,$twopassnotmatched,$back);}. `  y+ m+ J: @6 Z/ ~6 S$ H5 F9 |
else
( p9 l# E; p( `( H) ?$ s{if($authuserfile)' V! X/ H2 H3 B* o% b9 J% o! n
{#67 o+ d; C: y, }# g8 t& {
open UserFile, "<$authuserfile" or die "打开文件失败:$!";- W. {. O) ^0 e7 }# w3 z
while (<UserFile>)
5 e5 ]  Z$ I: A% x{#5
2 |1 z) F! y, z2 D. C7 mmy $varstr=$_;% X& H) w6 O- p# K, k  H
if($varstr =~/($User)/)# I5 o( h$ ]7 }
{#3
! [  j2 G& J: y: fmy $eqpos =index($varstr, ":");
9 z! e+ w" r* e4 g0 u' Omy $UserName = substr($varstr,0,$eqpos);
7 m( j3 D# R' [+ S9 c+ Rmy $cryptpwd = substr($varstr,$eqpos + 1,13);
9 z+ n% C( q: @' H% R& k$ c
6 n: |! \' e* |. W7 F" tnext if($UserName ne $User);
. }3 C5 l! V- k& R; Y) G" g% k . F: c# t. \3 D+ F# o. Y& o8 O6 u
if(crypt($UserPwd,$cryptpwd) eq $cryptpwd)4 A0 ?' U) \" h! s1 H3 T6 S! y% c6 U, @
{#a
# j# ]8 y7 z1 d! n8 dmy $rc = system("/usr/bin/htpasswd -b $authuserfile $User $UserNewPwd");$ ~( _1 x+ u/ {. s
if ($rc == 0)& Q, t& A" s5 o- d
{#1
. y& k2 F' y! S6 x$ j&Writer_Log( $User.":Change Passwd");
% z0 P' w1 C8 T; ~& @. ]7 t&otherhtml($title,$changepwdok,$back);
* J9 g7 t/ m  F6 f6 J}#1
+ w7 H. R3 D; \# }8 J6 `else
6 X0 l8 v! |9 H9 S+ D7 c{#2# x, g3 B5 ]: ^1 Q
&Writer_Log( $User.":Change Passwd Failed");. W1 Q0 W! ]" O; b) c+ `: h2 X+ w
&otherhtml($title,$changepwdfailed,$back);" c6 Z/ {" ^: [
}#2$ r4 [; F: F) c4 _$ w- X2 Z! H! n4 J
exit;; \7 J( j: Z9 o& d. E$ A
}#a# h# _9 O5 x- t; k) {2 v
else# C. `% c( |$ [6 R
{#b; {' T) _0 Y6 d& B( J
&Writer_Log("Old Passwd is Incorrect ");7 q+ O( |: @- z) u% U# c
&otherhtml($title,$errorpwd,$back);% j2 Q/ ]8 |; p1 m5 l  [9 L
}#b
( I! I* q! Z  Fexit;
* U2 P! t/ B, E5 Q) n- h( h/ c}#37 s. u/ w9 n# w. L( j
else8 h3 I2 ~2 i6 p9 a, C) r
{#4
: f# o0 ?. s6 r+ v$ B" B! V8 j' Rif(eof)
# e3 O4 j" F6 T7 I6 j1 @{ &Writer_Log($User.":no this user");
' i% [+ L+ i' Z* d&otherhtml($title,$user_not_exists,$back);
& P  K+ X5 h9 Z4 `8 H6 ~/ U6 i2 G' {exit;1 j: O# s- x1 k& V' R) a4 o" K4 B
}
7 o" l' Z2 a$ q9 W5 j1 Oelse
( P# r: {. V3 ~3 e, S+ x# S; b) H8 c{next;}  t  A8 `$ |# P" s4 l& P. l, W. V
}#4
  d9 h) T2 d. G8 g; V}#5) J$ n- S; S) h+ ~0 Y
close UserFile;
4 Q/ B4 d( r0 G/ Q/ u, `}#64 V+ j. X9 Y% ~& P3 e$ O! x
else0 `8 p+ U4 {# G
{#7
. L7 J4 ?9 Q! V* `5 ]! ^&Writer_Log($authuserfile.":no found");- b: d2 _) [1 ^* a/ k
&otherhtml($title,$file_not_found,$back);
$ L& |7 L! |! q1 {/ }}#7, \  I, |$ C4 ?+ P: M* y0 X
}
8 y8 e" u5 `8 M4 W8 M}#8- Z6 E3 i# H3 ~; S( ~$ d. Z( U& G
else
+ r2 q: O( A/ \/ V# x{&Index_Html;}
" p1 ~3 z; H; `# j3 p# ?+ s1 xsub IniInfo{) I4 F% L8 V/ F* I: G
my $inifile = "/var/www/cgi-bin/ChangePasswd.ini";
3 }9 @) f. {* {8 K" R1 \open CGI_INI_FILE, "<$inifile" or die "打开文件失败:$!";;. Z; T. E8 n/ R& ?: U4 f' M+ m
while (<CGI_INI_FILE>)
( x, N* x4 ^, ?6 R5 j* m{
. B( S+ F* _/ _, P& J5 D' \: Vmy $eqpos =index($_,'=');
3 C* b1 r8 ?0 T2 R9 d4 P3 f, {, V# }my $len = length($_);7 Y+ B. i9 p2 j2 I9 s0 [
if ($_ =~/authuserfile/)
+ r: J& C5 P3 b( |# C) H{$authuserfile= substr($_, $eqpos + 1, $len - $eqpos -2);}
" j" P9 Z. r+ n: xelsif ($_ =~/logfile/)) o9 T1 F" C+ x$ q7 d# a% j
{$logfile= substr($_, $eqpos + 1);}
! b' s! n/ M% N: Z9 ?7 ?) O# celsif ($_ =~/pwdminlen/)' M$ t  x' C0 I3 M1 Y
{$pwdminlen= substr($_, $eqpos + 1);}
2 q' D6 m) E9 g( C+ ^elsif ($_ =~/title/)
7 K2 Q# E: [" _. r8 r) ]{$title = substr($_, $eqpos + 1);}
4 b. h  _+ h) @" S8 v% x- _elsif ($_ =~/description/)
4 `# P9 B9 f, B3 w. T. L  D{$description = substr($_, $eqpos + 1);}
' L! B% E+ G0 J* x4 m% F$ [elsif ($_ =~/yourname/)" K* M8 N5 d6 p" M
{$yourname = substr($_, $eqpos + 1);}+ l+ Y+ N. r; g6 _$ _
elsif ($_ =~/oldpwd/)
9 J- N# s) Y' l{$oldpwd= substr($_, $eqpos + 1);}& t. B) C) R4 P7 m! E% o' E( G
elsif ($_ =~/newpwd1/)
) B& G6 P6 S7 w0 ~! i0 I7 [  f{$newpwd1= substr($_, $eqpos + 1);}# M4 T5 r! M, i/ V2 F# @
elsif ($_ =~/newpwd2/)
& F( K; t) I# U+ u* ~{$newpwd2= substr($_, $eqpos + 1);}+ d( k' c1 P9 G; q4 ^# j$ Z
elsif ($_ =~/btn_change/)% T! K$ @/ y0 k' O6 K
{$btn_change = substr($_, $eqpos + 1);}
7 b& u" O6 J5 s1 y# Delsif ($_ =~/btn_reset/)2 O/ b% _5 ^' R, N
{$btn_reset = substr($_, $eqpos + 1);}
& m0 {$ A! Z4 D6 Lelsif ($_ =~/changepwdok/)
/ A: u- l/ z- u{$changepwdok = substr($_, $eqpos + 1);}6 J) B+ q8 j7 t5 C& X, ~: ~, d
elsif ($_ =~/changepwdfailed/)
9 Q- t! U5 J& Y# O7 l- D4 x$ `{$changepwdfailed = substr($_, $eqpos + 1);}
8 r0 j5 X8 j  j" u1 Oelsif ($_ =~/oldpwderror/)
/ l2 Z2 M* K+ q3 i0 g{$oldpwderror = substr($_, $eqpos + 1);}
( a. @: s) f& N' ]( m2 Yelsif ($_ =~/passmustgreater/): |7 s5 Q' z+ }
{$passmustgreater = substr($_, $eqpos + 1);}
# a: I$ p* f8 L$ G3 `elsif ($_ =~/twopassnotmatched/)9 {* x8 U! G: ]7 T" {. H5 b. q
{$twopassnotmatched = substr($_, $eqpos + 1);}/ C4 n1 p2 w. W2 {0 }% R
elsif ($_ =~/entername/)
1 w5 s. x+ [' `4 M* \{$entername = substr($_, $eqpos + 1);}
% L+ v. T4 ~  i. P: Q3 qelsif ($_ =~/enterpwd/)
* F) I# n$ c, b/ Y+ z: ~{$enterpwd= substr($_, $eqpos + 1);}
6 V' B' q! w+ A; u  ~( u& velsif ($_ =~/errorpwd/): F) j* h/ H! a2 d8 S; L, p
{$errorpwd= substr($_, $eqpos + 1);}/ X  _4 B# _& H6 C% k
elsif ($_ =~/back/)$ Z( e/ c# I: a
{$back = substr($_, $eqpos + 1);}$ i0 b1 ]$ v! H) ^
}2 K  i4 @! h( N4 p0 A
close CGI_INI_FILE;
5 t/ @5 j7 h2 X' u$ c& ?9 ]}, v- x1 f5 j- [
sub Index_Html4 p9 i: @' F* A8 r' |
{
+ s$ w, Z% {' |; t; Q8 A, {print "Content-type: text/html\n\n";
& u7 l0 F7 M) R6 A9 @' [4 t$ gprint <<END_OF_PAGE;: I( J& M  H/ v, x4 R% g  n/ L
<html >% ~0 E) N# }9 }5 Q5 d6 ?* W
<head>* A7 M$ d) N8 ?* u
<title>$title</title>
3 R, e5 b: s: z3 `7 X+ }/ t<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
, d# q0 ]* N; F1 h</head>
. c, d" J2 h9 f# _; H) |<body>! y% H5 {6 s5 `  W
<HR>% W6 D! i6 K  `+ z) V: C

2 o) Q! c% g4 F5 _- S<center><h1>$description</h1>
6 t/ S" t0 z" r& S8 Z</center>
& j9 q' ^. _/ c8 ?' ^<form method="POST" enctype="multipart/form-data" action="/cgi-bin/ChangePasswd.cgi">
$ T9 L- q1 z* c; `/ w* t<br>1 q0 o( x+ a* ^1 Y3 D0 B" }! D+ E7 w
<TABLE align="center">5 V" q+ r$ R7 A- ?9 h% e$ j
<TR><TD class="t_text">$yourname</TD><TD><input type="text" name="UserName" /></TD></TR>
; S$ b% T( w- Z$ o9 |3 |+ d, Y6 \, Y<TR><TD class="t_text">$oldpwd</TD><TD><input type="password" name="OldPwd" /></TD></TR>9 u! E* Y# j8 q! {2 P
<TR><TD class="t_text">$newpwd1</TD><TD><input type="password" name="NewPwd1" /></TD></TR>
0 R9 Y  s6 K  y9 v, \3 `% ]6 }<TR><TD class="t_text">$newpwd2</TD><TD><input type="password" name="NewPwd2" /></TD></TR>
3 ?$ y  B2 @, H0 t% Z5 N</TABLE>4 Y$ [$ ~6 [9 M/ F* k5 z0 l
<br>
  F( k) {$ U1 d<TABLE align="center">; x, c2 W& }1 Q% U! ~& N& ~$ l
<TR><TD><input type="submit" name="chgpasswd" value="$btn_change"> <input type="reset" value="$btn_reset"></TD></TR>
2 d4 O9 p3 Z1 H4 x</TABLE>
$ k; J3 Z+ _" M" R1 j3 Q% Z( m( s9 k- O</form>
, |$ ~3 g5 C" v- e<HR>6 R3 ?0 Q" n- @
<center><font color="#FF0000">注意:新密码位数必需大于$pwdminlen,且为字母与数字组合</font>2 \1 s0 k9 k: o) u. W$ i
</body>
" o. f$ B" i# Q; S% L6 D: p</html>
; p5 e# O5 p/ K2 \END_OF_PAGE
1 @; k) ^" y7 E0 M: Q; o}
6 P: H4 z* D2 b" @" `% `$ msub otherhtml{  G3 K4 t4 L" Q- K
print "Content-type: text/html\n\n";4 c8 E6 f/ a6 {$ z8 c
print <<END_OF_PAGE;
9 @' I5 [0 j: n: n0 o6 Y; ~# p<html>& \& X$ @- [0 X2 @
<head>4 [; J4 }( R, s: I6 p# U
<meta http-equiv="Content-Language" content="zh-cn">
) _% R* I3 `2 K7 a) T4 A3 Z  j<meta http-equiv="Content-Type" content="text/html; charset=gb2312">8 i* _  a; a  |
<title>$_[0]</title>
3 I$ p/ p# y# a; V</head>
! U6 A0 O' n8 n" n<body>+ l0 K6 U" ~8 i, Q3 \; h# Z, @
<p align="center"><font size="5">$_[1]</font></p>4 v& P0 S! }- j$ @/ k8 ?" x
<p align="center"><a href="/cgi-bin/ChangePasswd.cgi"><font size="4">$_[2]</font></a></p>
( ]. s- i% n, r5 e: w& E<HR>
% ?( [2 `7 e% N4 [4 W5 ]* W& O/ _<center>
; f$ B0 C. h  b3 T# P/ V<P>如有问题请与管理员联系E-Mail: <A HREF="$admin_email.
/ A6 Q+ f# f  hmailto:$admin_email">$admin_email</A>.</P></center>( Y. F6 |2 @4 K/ v& Q, ]7 O7 j

1 ?8 e: g) L. N1 m</body>
, R, Z. D8 u  g9 x  1 U3 \/ c6 R$ ~0 _
</html>+ [6 Q6 h6 W: F0 C
END_OF_PAGE
/ _6 o% ^; |7 ^3 n; k; G( V}& {1 H3 y7 `3 o" Y
sub Writer_Log{1 R) f& {; \% ?( m/ h; ?
if($logfile)6 X* d7 o$ {6 G# @
{
( Q+ h& c8 ?8 j8 `3 ]9 Mmy $loginfo ="[".$time."] "." [".$remote_id."] "." || ".$_[0];
; m* W7 |- p+ A, G* popen LOGFILE,">>$logfile" or die "Couldn't open LOG FILE for writing: $!";7 R, S* ~; O+ z  x; ^4 J
print LOGFILE ("$loginfo\n");: X4 t6 C9 K5 |9 |" O* N2 V& \( P+ y
close LOGFILE;
! u7 Y$ r9 ]% W}) W1 w& ?* N5 u: |
}  p& v" N+ o& x

: E/ [  ?9 w* P9 X& t) T. O0 |ChangePasswd.ini:文件内容7 g+ a# d: b7 X; q
[path]( L: F3 C! F0 s4 G! J+ M  w; {& L: g
authuserfile=/data/svn/passwd* R  m. |# ]3 G, A( E1 u" W; j
logfile=/var/www/cgi-bin/ChangePasswd.log! A% f. V( j& i% W' _: {5 S
[setup]
, D; {% H6 b& P9 T7 I: tpwdminlen=6* O! F0 O( K+ k9 s& P  e+ {
[html]
- C' q2 U$ Y& ?. H  S4 i& f- Utitle=SVN用户密码自助修改* h5 Q7 E- r  h8 }& N
description=SVN用户密码自助修改' d7 \3 S" D: b$ I# c) s
yourname=用户名:* x7 {+ ^# c2 [' Q+ j$ T
oldpwd=旧密码:0 q) J6 a" L3 O4 S
newpwd1=新密码:
5 c0 t/ Q6 n9 ^8 G( m! f* znewpwd2=确认新密码:
! R' y: D6 Z# \, k2 y* [+ R+ abtn_change=修 改
8 d" D- }  |# j* E* a- Abtn_reset=重 置
0 _$ s. g2 I: |7 @/ w; I, pchangepwdok=修改密码成功
; z# G4 L5 E: ?0 j" ~changepwdfailed=修改密码失败1 u5 S# f* o4 H2 E6 A
servererror=服务器错误
% b6 j* o! S1 _" Ppassmustgreater=新密码位数必须大于+ w  I) [+ u0 G7 [# N
twopassnotmatched=两密码不一致
3 j) Z5 k1 w0 |7 {/ m4 r- yentername=请输入用户名
( b4 X  M3 @2 f- ]6 Lenterpwd=密码未输入
; E( G/ W- T$ V2 G; kerrorpwd=你的密码不正确& c/ i0 Y1 [, c1 {: ~
back=返回
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

关闭

SCMLife推荐上一条 /4 下一条

QQ|小黑屋|手机版|无图版|SCMLife.com ( 京ICP备06056490号-1 )

GMT+8, 2019-4-24 15:05 , Processed in 0.059954 second(s), 6 queries , Gzip On, MemCache On.

Powered by SCMLife X3.4 Licensed

© 2001-2017 JoyShare.

快速回复 返回顶部 返回列表