#! /usr/bin/perl -w

#A scipt to add a name and password to a .htpasswd file
#GNU GPL copyleft Jonathan Riddell 2000,2001

#place this in it's own ScriptAlias directory with a .htaccess
#file that uses the same .htpasswd file but with
#require user myname
#rather than letting anybody use it

#if I've done this corrrectly you can get away with changing only
#the three variables below

use CGI qw(:standard);

#the name of the .htpasswd file with full path
$passwdfile = "/etc/httpd/htpasswd";

#location of this file relative to root of URL
$control = "/controled/pass/control";

#what's the page called
$title = "30th inverleith's member's area";

########

print <<HEAD; 
Content-type: text/html

<html>
<head><title>Power user page for $title </title></head>
<body>
<h1>Edit password file for $title</h1>
<p style="font-size: smaller">Does like it says.  
If you add a name which already exists it will be updated.  
Now deletes names as well.  Please do not go and delete yourself
GNU GPL Copyleft Jonathan Riddell 2000,2001</p>

HEAD


if (param()) {   #if paramaters passed, check & enter them into .htpasswd file
    print "<h2>Results:</h2>\n";
    if (param("name") && param("delete")) {
	print "<pre>" . delete_name(param("name")) . "</pre>";
    } elsif (param("name") && param("pass")) {
	$name = param("name");
	$pass = param("pass");
	
	`htpasswd -b $passwdfile $name $pass`;
	print "<p>user $name added to password file</p>\n";
    } elsif (!param("name")){
	print "<p>No name supplied</p>\n";
    } elsif (!param("pass")){
	print "<p>No password supplied or delete box not checked</p>\n";
    }

}

#print out the form
$checked = 'checked="true"' if param("delete");

print <<FORMEND;

<h2>Form</h2>
<form method="post" action="$control">

<p>Name: 
        <input type="text" name="name" size="20"> 
Check to delete: <input type="checkbox" name="delete" $checked /></p>
<p>Password: <input type="text" name="pass" size="20"></p>
<input type="submit">
</form>
<p>Below is the output from your .htpasswd file.
<pre>

FORMEND

    open(HTPASSWD, "$passwdfile");
    while (<HTPASSWD>) {
      /(.*):.*/;
       print $1 . "\n";
    }
    print "</pre>";



print <<FOOT;
</body>
</html>
FOOT

#nuke them
sub delete_name {
    my ($name) = @_;
    my $output;
    my $deleted = 0;

    open(HTPASSWD, "$passwdfile") || 
	(return "Error: could not open password file to read");
    while ($line = <HTPASSWD>) {
	if (($line =~ /$name:.*/)) {
	    $deleted = 1;
	} else {
	    $output .= $line;
	}
    }
    close(HTPASSWD);

    open(HTPASSWD, "> $passwdfile") ||
	(return "Error: could not open password file to write");
    print HTPASSWD $output;
    close (HTPASSWD) ||
	(return "Error: could not close password file after write");
    if ($deleted) {
	return "$name deleted";
    } else {
	return "$name not found";
    }
}