#!/usr/bin/perl
######################
# By BumbleBeeWare.com 2006
# Simple password protection by adding users to .htpassword file
# adduser.cgi
######################
# configure
# the password file that will store your passwords
# can be in any non readable directory usually with other data
$htpassfile = "/your_web_dir/dir_to_protect/.htpassword";
# end configuration
######################
# parse the form input
&parseform;
print "Content-Type: text/html\n\n";
# print the form to add user
if($ENV{"REQUEST_METHOD"} ne "POST") {
print '';
exit;
}
# check to make sure the name is not already in use
&checkusers;
# encrypt the password
&cryptpass;
# add the username and password pair to .htpassword file
&addpass;
# print response
print "$form{'username'} has been added to the password list";
exit;
sub cryptpass {
@saltchars=(a..z,A..Z,0..9,'.','/');
$salt=$saltchars[int(rand($#saltchars+1))];
$salt.=$saltchars[int(rand($#saltchars+1))];
$cryptedpass = crypt($form{'password'},$salt);
}
sub addpass {
open (FILE, ">>$htpassfile")|| die "Unable to open file: $htpassfile $!";
flock(FILE, 2);
print FILE "$form{'username'}:$cryptedpass\n";
flock(FILE, 8);
close (FILE);
}
sub checkusers {
open (USERS, "$htpassfile")|| die "Unable to open file: $htpassfile $!";
@users=;
foreach $user (@users) {
($checkusername,$checkpass)=split(/:/,$user);
if ($checkusername eq $form{'username'}){
print "$form{'username'} is already in use.";
exit;
}
}}
sub parseform {
read (STDIN, $buffer, {'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs){
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$form{$name} = $value;}
}