#!/bin/bash
# apm - Apache Password Manager. Allows the administrator to easily
# add, update, or delete accounts and passwords for a subdirectory
# of a typical Apache configuration (where the config file is called
# .htaccess).
# Emit the CGI response header. The body is declared as text/html, so every
# value echoed later in this script is parsed by the browser as markup.
echo "Content-type: text/html"
echo ""
echo "
Apache Password Manager Utility"
# NOTE(review): despite the #!/bin/bash shebang, the setglobal / $[...] forms
# used from here on are not bash syntax - confirm which shell runs this file.
# The working directory of the CGI process is where the .htaccess and footer
# files are looked up.
setglobal basedir = $[pwd]
setglobal myname = $[basename $0]
setglobal footer = ""$basedir/apm-footer.html""
setglobal htaccess = ""$basedir/.htaccess""
# htpasswd is resolved through PATH on each request, so the binary that runs
# depends on the environment the web server gives this CGI; a fixed absolute
# path would remove that dependency. If `which` finds nothing, the variable
# holds only " -b" and the later invocations cannot work.
# -b makes htpasswd take the password from its command line, which exposes it
# to anything on the host that can list process arguments. Where the installed
# htpasswd supports -i (password read from stdin), that avoids the exposure.
setglobal htpasswd = ""$[which htpasswd] -b""
# Strongly recommended for security: enable the following check so that only
# the authenticated user "admin" can use APM:
#
# if [ "$REMOTE_USER" != "admin" -a -s $htpasswd ] ; then
# echo "Error: You must be user admin to use APM."
# exit 0
# fi
# Now get the password filename from the .htaccess file.
# Stop with an error unless the .htaccess file in the script's directory is
# readable.
if test ! -r $htaccess {
echo "Error: cannot read $htaccess file."
exit 1
}
# The password file path is taken as the second space-separated field of every
# line in .htaccess that contains the string "AuthUserFile".
# NOTE(review): a commented-out directive, a second matching line, a quoted
# path or tab-separated fields would all produce a value other than a single
# clean path - confirm the .htaccess format this is deployed with.
# $htaccess and $passwdfile are used unquoted here and below.
setglobal passwdfile = $[grep "AuthUserFile" $htaccess | cut -d' ' -f2]
# Both checks are made as the account this CGI runs under, so the password
# file has to be writable by that account for the script to proceed.
if test ! -r $passwdfile {
echo "Error: can't read password file: can't make updates."
exit 1
} elif test ! -w $passwdfile {
echo "Error: can't write to password file: can't update."
exit 1
}
# Page heading, then the request is parsed.
echo "
"
echo "Apache Password Manager
"
# QUERY_STRING is supplied by the HTTP client and is the only input to the
# add/update/delete operations below, so account changes are driven by the
# URL of the request. Values carried in a query string (including the password
# read further down) typically end up in web-server access logs and browser
# history.
# action is the third character of the query string.
setglobal action = $[echo $QUERY_STRING | cut -c3]
# user is the value after "=" in the second "&"-separated field, lowercased.
# No URL-decoding is done and no restriction is placed on the characters it
# may contain, yet it is later used inside a grep -E pattern, passed as an
# htpasswd argument and echoed into the HTML page. Restricting it to a known
# character set right here (as is done for the password) would cover all
# three uses.
# NOTE(review): the closing single quote after [:lower:] appears to be missing
# on the next line - confirm against the original script.
setglobal user = $[echo $QUERY_STRING|cut -d'&' -f2|cut -d= -f2|tr '[:upper:]' '[:lower:]]
# Dispatch on the requested action: A = add, U = update, D = delete. Any other
# value matches no arm and nothing is changed.
# The script itself performs no authorization check in the visible code (the
# REMOTE_USER test above is commented out), so access control rests entirely
# on the web server's configuration for this directory.
# $user comes straight from the request: every echo of it below writes
# unescaped request data into a text/html response, and every "^$(user):"
# pattern treats it as an extended regular expression rather than a literal
# name. Validating $user against a fixed character set, or comparing the first
# ":"-separated field as a fixed string, would make the lookups exact.
match $action {
with A echo "
Adding New User $user
"
# Refuse to add a name whose pattern already matches a line in the file.
if test ! -z $[grep -E "^$(user):" $passwdfile] {
echo "Error: user $user already appears in the file."
} else {
# Password is the value after "=" in the third "&"-separated field.
setglobal pass = $[echo $QUERY_STRING|cut -d'&' -f3|cut -d= -f2]
# Reject the password if anything remains after deleting letters and digits.
# NOTE(review): the closing single quote of the tr argument appears to be
# missing on the next line - confirm against the original script.
if test ! -z $[echo $pass|tr -d '[[:upper:][:lower:][:digit:]]]
{
# The rejected password is written back into the HTML response unescaped; a
# fixed message without the value avoids both the disclosure and the markup
# issue.
echo "Error: passwords can only contain a-z A-Z 0-9 ($pass)"
} else {
# $passwdfile and $user are unquoted and $user is unvalidated, so under bash
# semantics they are subject to word-splitting, globbing and option parsing.
# The password travels on the command line because of the -b flag.
$htpasswd $passwdfile $user $pass
echo "Added! "
}
}
# Update: the account must already exist.
with U echo "
Updating Password for user $user
"
if test -z $[grep -E "^$(user):" $passwdfile] {
echo "Error: user $user isn't in the password file?"
echo "searched for "^$(user):" in $passwdfile"
} else {
setglobal pass = $[echo $QUERY_STRING|cut -d'&' -f3|cut -d= -f2]
# Same letters-and-digits check as in the add arm; same missing-quote caveat.
if test ! -z $[echo $pass|tr -d '[[:upper:][:lower:][:digit:]]]
{
# As above, the rejected password is echoed into the page unescaped.
echo "Error: passwords can only contain a-z A-Z 0-9 ($pass)"
} else {
# grep reads the password file while tee truncates and rewrites that same file
# in one pipeline, so the rewrite can race with itself and leave the file
# shorter than intended or empty; there is also no locking against a second
# request running at the same time. Writing to a temporary file in the same
# directory and renaming it over the original makes the replacement atomic.
# Because the pattern is a regex built from $user, lines for other accounts
# can be dropped as well.
# NOTE(review): htpasswd replaces an existing entry on its own, so this
# removal step looks unnecessary - confirm; as written, the account has no
# entry at all if the htpasswd call that follows fails.
grep -vE "^$(user):" $passwdfile | tee $passwdfile > /dev/null
$htpasswd $passwdfile $user $pass
echo "Updated! "
}
}
# Delete: the account must exist and must not be "admin".
with D echo "
Deleting User $user
"
if test -z $[grep -E "^$(user):" $passwdfile] {
echo "Error: user $user isn't in the password file?"
# This guard compares $user with the literal string "admin", while the
# grep -vE below treats $user as a pattern, so the two checks do not
# necessarily refer to the same set of lines.
} elif test $user = "admin" {
echo "Error: you can't delete the 'admin' account."
} else {
# Same read-and-truncate pipeline as in the update arm, with the same race and
# the same over-matching concern.
grep -vE "^$(user):" $passwdfile | tee $passwdfile >/dev/null
echo "Deleted! "
}
}
# Always list the current users in the password file...
echo "