1[html::author "Colin McCormack"] 2[mypage::header "user editor"] 3[ 4 if {0} { 5 this template takes the following get parameters: 6 userfile - the file of passwords to update 7 groupfile - the file of groups to update 8 name - the user name to edit 9 action - the action to perform {del/add/edit} 10 password - the user's plaintext password 11 password1 - the password repeated 12 oldpassword - the old password, for editing 13 extra - extra information to file with the password 14 } 15 set userfile [ncgi::value userfile userextra] 16 parseFile $userfile users userextra 17 18 set groupfile [ncgi::value groupfile] 19 parseFile $userfile groups groupextra 20] 21 22[ 23 # write userfile if necessary 24 set name [string tolower [ncgi::value name]] 25 set group [string tolower [ncgi::value group]] 26 set action [ncgi::value action] 27 set password [ncgi::value password] 28 if {$name != ""} { 29 switch $action { 30 Del { 31 # user must exist 32 if {![info exists users($name)]} { 33 return "<p>Can't delete '[protect_text $name]': doesn't exist.</p>" 34 } 35 36 # user must supply an old password 37 if {![::validation::chkPasswd $password $users($name)]} { 38 return "<p>Can't delete '[protect_text $name]': Passwords don't match.</p>" 39 } 40 unset users($name) 41 foreach n $groups($group) { 42 if {$name != $n} { 43 lappend names $n 44 } 45 } 46 set groups($group) $names 47 catch {unset names} 48 set result "Deleted $name's record" 49 set saveGroup 1 50 } 51 Edit { 52 # user must exist 53 if {![info exists users($name)]} { 54 return "<p>Can't edit [protect_text $name]: doesn't exist.</p>" 55 } 56 57 # user must supply an old password 58 if {![::validation::chkPasswd $password $users($name)]} { 59 return "<p>Can't change '[protect_text $name]': Passwords don't match.</p>" 60 } 61 set users($name) [$genPasswd $password] 62 set saveGroup 0 63 set result "Changed $name's record" 64 } 65 default { 66 # name must not contain bad characters 67 if {![string is alnum -strict]} { 68 return "<p>Name [protect_text $name] contains invalid characters.</p>" 69 } 70 71 # user must not exist yet 72 if {[info exists users($name)]} { 73 return "<p>User [protect_text $name] already exists.</p>" 74 } 75 76 # passwords must match 77 if {$password != $password1} { 78 return "<p>Passwords don't match.</p>" 79 } 80 81 set users($name) [$genPasswd $password] 82 lappend groups($group) $name 83 set saveGroup 1 84 set result "Created $name's record" 85 } 86 } 87 88 # save the userfile if necessary 89 validation::writefile $userfile users userextra 90 if {$saveGroup} { 91 validation::writefile $groupfile groups groupextra 92 } 93 94 return "<p>$result</p>" 95 } else { 96 return "" 97 } 98] 99[ 100 ncgi::setValue name "" 101 ncgi::setValue password "" 102] 103 104[ 105 ncgi::setValue action 0 106 catch {unset html} 107 108 foreach {key value} [array get users] { 109 append html [subst { 110 <form action="$page(url)" method=POST> 111 <input type=hidden name=userfile value="[html::quoteFormValue $userfile]"> 112 <input type=hidden name=name value="[html::quoteFormValue $key]"> 113 <input type=submit value="[html::quoteFormValue $key]"> 114 <input type=text name=password value=""> 115 <input type=checkbox name=action value=Del>Del 116 </form> 117 }] 118 } 119 120 append html [subst {<form action="$page(url)" method=POST> 121 <input type=hidden name=userfile value="[html::quoteFormValue $userfile]"> 122 <input type=text name=name value=""> 123 <input type=text name=password value=""> 124 <input type=submit name=action value=Add> 125 </form> 126 }] 127 128 return $html 129] 130<p><a href="index.html">Return to htaccess editor</a></p> 131[ 132 #ncgi::setValue debug 1 133 if {[ncgi::value debug] == 1} { 134 # debugging output 135 return [subst { 136 <b>Users</b><br> 137 [html::tableFromArray users "border=1" *] 138 <p><b>CGI Values</b><br> 139 [html::tableFromList [ncgi::nvlist] "border=1"] 140 <p> 141 <b>Environment</b><br> 142 [html::tableFromArray ::env "border=1" *] 143 }] 144}] 145 146[mypage::footer] 147