#!/usr/local/bin/perl

# Password Encoder v1.0 (Sep-03-1999)
# Copyright (C) 1999 Kan-chan <kan-chan@innocent.com>
#  Web site: http://kan-chan.stbbs.net/download/
#
# This program is free software; you can redistribute it and/or 
# modify it under the terms of the GNU General Public License as 
# published by the Free Software Foundation; either version 2 of 
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, 
# but WITHOUT ANY WARRANTY; without even the implied warranty of 
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public 
# License along with this program; if not, write to the Free 
# Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

# This program's file name
$self = "passwd.cgi";

# <BODY> tag
$body = "<body bgcolor=\"#FFFFD0\">";

if ($ENV{'REQUEST_METHOD'} eq "POST"){
	read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
} else{
	$buffer = $ENV{'QUERY_STRING'};
}
@pairs = split(/&/,$buffer);
foreach $pair (@pairs) {
	($name,$value) = split(/=/,$pair);
	$value =~ tr/+/ /;
	$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
	$FORM{$name} = $value;
}

$username = $FORM{'username'};
if ($FORM{'password1'} ne $FORM{'password2'}){
	&error("Error", "Passwords do not match.");
} else{
	$password = $FORM{'password1'};
}

if (($username eq '') && ($password eq '')) { &inputform; }
if ($username eq '') { &error('Error', 'Username is blank.  Input username.'); }
if ($password eq '') { &error('Error', 'Password is blank.  Input password.'); }

$pwd = encode_password($password);

if ($pwd eq '') { &error('Error', 'Cannot call function crypt() on this server.'); }

print <<"EOF1";
Content-type: text/html

<html>
<head>
<title>Password</title>
</head>
$body
<h1>Password</h1><p>

$username:$pwd<br>
<p>

Please add this to your password file.<br>
</body>
</html>
EOF1
exit;

sub inputform{
	print <<"EOF2";
Content-type: text/html

<html>
<head>
<title>Password form</title>
</head>
$body
<h1>Password</h1><p>

<form method=post action=\"$self\">
Username: <input type=text name=\"username\" size=20><br>
Password: <input type=password name=\"password1\" size=20><br>
Password again: <input type=password name=\"password2\" size=20> (for confirmation)<br>
<input type=submit value=\"Submit\"><input type=reset value=\"reset\"><br>
</form>
</body>
</html>
EOF2
	exit;
}

sub error{
	print <<"EOF3";
Content-type: text/html

<html>
<head>
<title>Error</title>
</head>
$body
<h1>$_[0]</h1>
<h3>$_[1]</h3>
</body>
</html>
EOF3
	exit;
}

sub encode_password{
	local(@saltset, $salt, $pwd);
	srand();
	@charset = ('a'..'z','A'..'Z','0'..'9','.','/');
	$salt = $charset[int(rand(64))] . $charset[int(rand(64))];
	if (!eval '$pwd = crypt($_[0], $salt);') {
		return '';
	} else{
		return $pwd;
	}
}