| Server IP : 127.0.0.1 / Your IP : 216.73.216.109 Web Server : Apache/2.4.54 (Win64) OpenSSL/1.1.1q PHP/8.1.10 System : Windows NT DESKTOP-E5T4RUN 10.0 build 19045 (Windows 10) AMD64 User : SERVERWEB ( 0) PHP Version : 8.1.10 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : C:/cygwin64/home/SERVERWEB/webmin-2.105/passwd/ |
Upload File : |
#!/usr/bin/perl
# Change a user's password knowing the old one. For user only via anonymous
# API calls.
$trust_unknown_referers = 1;
require './passwd-lib.pl';
&ReadParse();
print "Content-type: text/plain\n\n";
# Validate inputs
keys(%in) || &error_exit("Required parameters are 'user' (Unix username), 'old' (Old password) and 'new' (New password)");
my $err = &apply_rate_limit($ENV{'REMOTE_ADDR'});
&error_exit($err) if ($err);
$in{'user'} || &error_exit("Missing user parameter");
$in{'old'} || &error_exit("Missing old parameter");
$in{'new'} || &error_exit("Missing new parameter");
$ENV{'ANONYMOUS_USER'} || &error_exit("Can only be called in anonymous mode");
$ENV{'REQUEST_METHOD'} eq 'POST' ||
&error_exit("Passwords can only be submitted via POST");
&foreign_installed("useradmin") ||
&error_exit("Users and Groups module is not supported on this OS");
# Validate user and pass
my $err = &apply_rate_limit($in{'user'});
&error_exit($err) if ($err);
&foreign_require("useradmin");
my $user = &find_user($in{'user'});
$user || &error_exit("User does not exist");
&useradmin::validate_password($in{'old'}, $user->{'pass'}) ||
&error_exit("Incorrect password");
my $err = &useradmin::check_password_restrictions(
$in{'new'}, $in{'user'}, $user);
&error_exit("Invalid password : $err") if ($err);
# Do the change
&clear_rate_limit($ENV{'REMOTE_ADDR'});
&clear_rate_limit($in{'user'});
eval {
local $main::error_must_die = 1;
&change_password($user, $in{'new'}, 1);
};
if ($@) {
&error_exit($@);
}
else {
print "OK: Password changed for $in{'user'}\n";
}
sub error_exit
{
print "FAILED: ",join("", @_),"\n";
exit(0);
}