www.pudn.com > cgi-web.rar > user_manager.c, change:2007-08-31,size:9513b
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <fcntl.h>
#include <getopt.h>
#include <errno.h>
#include <sys/ioctl.h>
#include <linux/config.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/klog.h>
#include "cgivars.h"
#include "htmllib.h"
#include "config_phase.h"
#include "sysconf.h"
#define DEBUG 0
#define ID_LOC_ADMNM 21
#define ID_LOC_ADMPD 22
#define ID_LOC_USRNM 23
#define ID_LOC_USRPD 24
#define AUTH_FILE "./.htpasswd"
extern char *crypt(const char *key, const char *setting);
static config_item ** items;
static int config_list[] = {21,22,23,24};
static char *config_name[] = {"LOC_ADMNM", "LOC_ADMPD", "LOC_USRNM", "LOC_USRPD"};
char java[]="
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\r\n
<HTML><HEAD>
<META HTTP-EQUIV=\"Pragma\" CONTENT=\"no-cache\">
<META HTTP-EQUIV=\"expires\" CONTENT=\"-1\">
<META http-equiv=Content-Type content=\"text/html; charset=gb2312\">
<STYLE type=text/css>BODY {
FONT-SIZE: 10pt; FONT-FAMILY: Arial
}
TD {
FONT-SIZE: 10pt; FONT-FAMILY: Arial
}
FORM {
FONT-SIZE: 10pt; FONT-FAMILY: Arial
}
OPTION {
FONT-SIZE: 10pt; FONT-FAMILY: Arial
}
TEXTAREA {
FONT-SIZE: 10pt; FONT-FAMILY: Arial
}
P {
FONT-SIZE: 10pt; FONT-FAMILY: Arial
}
OL {
FONT-SIZE: 10pt; FONT-FAMILY: Arial
}
INPUT {
FONT-SIZE: 10pt; FONT-FAMILY: Arial
}
SELECT {
FONT-SIZE: 10pt; FONT-FAMILY: Arial
}
.style1 {
FONT-WEIGHT: bold; FONT-SIZE: 14pt
}
</STYLE>
<META content=\"MSHTML 6.00.6000.16414\" name=GENERATOR></HEAD>";
int authCheck(char * userName ,char * pass) // error return -1 ; ok return 0
{
char* cryp;
int rtncode ;
static char line[10000];
FILE* fp;
int l;
/* Open the password file. */
fp = fopen( AUTH_FILE, "r" );
if ( fp == (FILE*) 0 )
{
trace("can not open athe file\n");
/* The file exists but we can't open it? Disallow access. */
//syslog(
// LOG_ERR, "%.80s auth file %.80s could not be opened - %m",
// ntoa( &client_addr ), authpath );
return -1;
}
/* Read it. */
while ( fgets( line, sizeof(line), fp ) != (char*) 0 )
{
/* Nuke newline. */
l = strlen( line );
if ( line[l - 1] == '\n' )
line[l - 1] = '\0';
/* Split into user and encrypted password. */
cryp = strchr( line, ':' );
if ( cryp == (char*) 0 )
continue;
*cryp++ = '\0';
/* Is this the right user? */
if ( strcmp( line, userName ) == 0 )
{
/* Yes. */
(void) fclose( fp );
/* So is the password right? */
if ( strcmp( crypt( pass, cryp ), cryp ) == 0 )
{
/* Ok! */
rtncode = 0;
return rtncode;
}
else
{
/* No. */
rtncode = -1;
return rtncode;
}
}
}
/* Didn't find that user. Access denied. */
(void) fclose( fp );
rtncode = -1;
return rtncode;
}
int passSet(char * userName ,char * newPass)
{
char command[64];
strcpy(command ,"./htpasswd1 ");
strcat(command ,userName);
strcat(command ," ");
strcat(command ,newPass);
system(command);
return 0;
}
void user_manager(char **postvars, int form_method)
{
char * userName = NULL;
char * pass = NULL;
char * newPass = NULL;
int i;
if( form_method == POST && postvars[0] != NULL)
{
for( i =0 ; postvars[i] ; i+= 2)
{
if(!strcmp("LOC_ADMPD",postvars[i]))
{
userName = "admin";
pass = postvars[i+1];
continue;
}
if(!strcmp("LOC_USRPD",postvars[i]))
{
userName = "user";
pass = postvars[i+1];
continue;
}
if(!strcmp("LOC_ADMPD1",postvars[i]))
{
newPass = postvars[i+1];
continue;
}
if(!strcmp("LOC_USRPD1",postvars[i]))
{
newPass = postvars[i+1];
continue;
}
}
if(authCheck(userName , pass ) == 0)
{
passSet(userName ,newPass);
printf("%s","Location: passSetOK.htm\n\n");
return;
}
else{
printf("%s","Location: passSetErr.htm\n\n");
return;
}
}
printf("%s\n",java);
printf("<BODY leftMargin=30 topMargin=24 rightMargin=30><P class=style1>用户管理</P>\n");
printf("<TABLE width=\"100%\"><TBODY><TR><TD><FORM name=user_manager1 action=/user_manager.cgi method=post target=msgFrame>\n");
printf("<TABLE style=\"BORDER-COLLAPSE: collapse\" borderColor=#dae3eb cellSpacing=0 cellPadding=0 width=\"100%\" border=1>\n");
printf("<TBODY><TR bgColor=#cccccc> <TD colSpan=3><B>管理员密码管理</B></TD></TR>\n");
printf("<TR><TD width=250>请输入管理员密码:</TD><TD><INPUT type=password maxLength=31 size=32 name=LOC_ADMPD> </TD></TR>\n");
printf("<TR><TD>请输入新的管理员密码:</TD><TD><INPUT type=password maxLength=31 size=32 name=LOC_ADMPD1> </TD></TR>\n");
printf("<TR><TD>请再次输入新的管理员密码:</TD><TD><INPUT type=password maxLength=31 size=32 name=LOC_ADMPD2> </TD></TR>\n");
printf("</TBODY></TABLE>\n");
printf("<P align=left><INPUT type=submit onclick=\"return CheckForm1();\" value=应用>\n");
printf("<INPUT type=reset value=重置>\n");
printf("<INPUT type=hidden value=chs name=lang> </P></FORM>\n");
printf("<FORM name=user_manager2 action=/user_manager.cgi method=post target=msgFrame>\n");
printf("<TABLE style=\"BORDER-COLLAPSE: collapse\" borderColor=#dae3eb cellSpacing=0 cellPadding=0 width=\"100%\" border=1>\n");
printf("<TBODY><TR bgColor=#cccccc> <TD colSpan=3><B>普通用户密码管理</B></TD></TR>\n");
printf("<TR><TD width=250>请输入普通用户密码:</TD><TD><INPUT type=password maxLength=31 size=32 name=LOC_USRPD> </TD></TR>\n");
printf("<TR><TD>请输入新的普通用户密码:</TD><TD><INPUT type=password maxLength=31 size=32 name=LOC_USRPD1> </TD></TR>\n");
printf("<TR><TD>请再次输入新的普通用户密码:</TD><TD><INPUT type=password maxLength=31 size=32 name=LOC_USRPD2> </TD></TR>\n");
printf("</TBODY></TABLE>\n");
printf("<P align=left><INPUT type=submit onclick=\"return CheckForm2();\" value=应用>\n");
printf("<INPUT type=reset value=重置>\n");
printf("<INPUT type=hidden value=chs name=lang> </P></FORM>\n");
printf("<TABLE style=\"BORDER-COLLAPSE: collapse\" borderColor=#dae3eb cellSpacing=0 cellPadding=0 width=\"100%\" border=1>\n");
printf("<TBODY><TR align=left><TD>权限说明:<LI>1.管理员:可以执行网络摄像机的所有功能操作</LI>
<LI>2.普通用户:可以查看视频图像,进行图像、云台等参数调整,但不能进行设置。</LI></TD></TR></TBODY></TABLE>\n");
printf("<TR><TD></TD></TR></TBODY></TABLE>\n");
printf("</BODY></HTML>\n");
// javascript layout
{
char jsp[]="
<script language=JavaScript>
<!--
function CheckForm1()
{
if(document.user_manager1.LOC_ADMPD1.value==\"\"||document.user_manager1.LOC_ADMPD1.value==null)
{
alert(\"新设置的管理员密码不能为空!\");
document.user_manager1.LOC_ADMPD1.focus();
return false;
}
else
{
if(document.user_manager1.LOC_ADMPD1.value.length <6 || document.user_manager1.LOC_ADMPD1.value.length >16)
{
alert(\"新设置的管理员密码应该在6到32个字符之间。\");
document.user_manager1.LOC_ADMPD1.focus();
return false;
}
else
{
if(document.user_manager1.LOC_ADMPD1.value != document.user_manager1.LOC_ADMPD2.value)
{
alert(\"您输入的密码和确认密码不同,请重新输入\");
document.user_manager1.LOC_ADMPD1.focus();
return false;
}
}
}
}
function CheckForm2()
{
if(document.user_manager2.LOC_USRPD1.value==\"\"||document.user_manager2.LOC_USRPD1.value==null)
{
alert(\"新设置的管理员密码不能为空!\");
document.user_manager2.LOC_USRPD1.focus();
return false;
}
else
{
if(document.user_manager2.LOC_USRPD1.value.length <6 || document.user_manager2.LOC_USRPD1.value.length >32)
{
alert(\"新设置的管理员密码应该在6到32个字符之间。\");
document.user_manager2.LOC_USRPD1.focus();
return false;
}
else
{
if(document.user_manager2.LOC_USRPD1.value != document.user_manager2.LOC_USRPD2.value)
{
alert(\"您输入的密码和确认密码不同,请重新输入\");
document.user_manager2.LOC_USRPD1.focus();
return false;
}
}
}
}
//-->
</script>";
printf("%s\n", jsp);
}
}
////////////////////////////////////////////////////////////////////////////
// Function: main
////////////////////////////////////////////////////////////////////////////
int main(void)
{
char **postvars = NULL; // POST request data repository
char **getvars = NULL; // GET request data repository
int form_method; // POST = 1, GET = 0
// CGI part start here
adminCheck();
form_method = getRequestMethod();
if(form_method == POST)
{
// getvars = getGETvars();
postvars = getPOSTvars();
}
else if(form_method == GET)
{
getvars = getGETvars();
}
// CGI start here, set COM port
user_manager(postvars, form_method);
//htmlFooter();
cleanUp(form_method, getvars, postvars);
fflush(stdout);
exit(0);
} // end of main