Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SUCCESS! Re: PHP change password script



I got my PHP working.  Here's the new changePassword function
that works for me.  It's using expect in a different way and
this time it actually looks for various errors.  I've tried
just about every path and no longer do I get output into my
http error log.  :)

Thanks for the pointers.  What helped me was a google search
looking for expect programs to interface to passwd, and I
found http://www.plug.org/pipermail/plug/2004-September/012386.html

Enjoy!

-derek

function changePassword($user, $currpwd, $newpwd) {
  global $output;

  $cmd = "";

  // Open a handle to expect in write mode
  $p = popen('/usr/bin/expect -f -','w');

  // Log conversation for verification
  $log = '/tmp/passwd_' . $user . '_' . time();
  $cmd .= "log_file -a \"$log\"\n";

  // Spawn the change-passwd command as $user
  $cmd .= "spawn /bin/su $user -c /usr/bin/passwd\n";
  $cmd .= "expect {\n";
  $cmd .=    "\"does not exist\" {exit 1}\n";
  $cmd .=    "\"assword: \"\n"; 
  $cmd .= "}\n";
  $cmd .= "send \"$currpwd\\r\"\n";
  $cmd .= "expect {\n";
  $cmd .=    "\"incorrect\" {exit 2}\n";
  $cmd .=    "\"hanging password for\"\n";
  $cmd .= "}\n";

  // Change the unix password
  $cmd .= "expect \"current\"\n";
  $cmd .= "expect \"assword: \"\n";
  $cmd .= "send \"$currpwd\\r\"\n";
  $cmd .= "expect {\n";
  $cmd .=    "\"error\" {exit 3}\n";
  $cmd .=    "\"assword: \"\n";
  $cmd .= "}\n";
  $cmd .= "send \"$newpwd\\r\"\n";
  $cmd .= "expect {\n";
  $cmd .=    "\"BAD PASSWORD\" {exit 4}\n";
  $cmd .=    "\"assword: \"\n";
  $cmd .= "}\n";
  $cmd .= "send \"$newpwd\\r\"\n";
  $cmd .= "expect {\n";
  $cmd .=    "\"successful\" {exit 0}\n";
  $cmd .=    "\"fail\" {exit 5}\n";
  $cmd .= "}\n";

  // Commit the command to expect & close
  fwrite($p, $cmd); pclose ($p);

  // Read & delete the log
  $fp = fopen($log,'r');
  $output = fread($fp, 2048);
  fclose($fp); unlink($log);
  $output = explode("\n",$output);

  return (trim($output[count($output)-2]) == 'passwd: all authentication tokens updated successfully.') ? true : false;
}

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord-DPNOqEs/LNQ at public.gmane.org                        PGP key available






BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org