#!/usr/local/bin/perl
#you may need to adjust the above line (#!/usr/bin/perl is common)
#-----------------------------------------------------------------------------
# EZPass v1.0 (c) 2000 Croesus Design and Promotion
# Developed by Jason C. Fleming
# This program is distributed as open source WITHOUT ANY WARRANTY; without even
# the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
# IN NO EVENT WILL CROESUS DESIGN, THE AUTHOR OF THIS PRODUCT OR ANY
# REPRESENTATIVE OF CROESUS DESIGN BE LIABLE FOR LOSS OF DATA OR FOR
# DIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL (INCLUDING LOST PROFIT),
# OR OTHER DAMAGE, WHETHER BASED IN CONTRACT, TORT, OR OTHERWISE.
#-----------------------------------------------------------------------------
$| = 1; #flush output
read (STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); #get form input
@namevalues = split(/&/, $buffer);
foreach $namevalue (@namevalues) {
($name, $value) = split(/=/, $namevalue);
$name =~ tr/+/ /;
$value =~ tr/+/ /;
$name =~ s/%(..)/pack("C", hex($1))/eg;
$value =~ s/%(..)/pack("C", hex($1))/eg;
$value =~ s///g; #deletes SSI's in case html is returned
$value =~ s/([:;<>\*\|`&\$!#\(\)\[\]\{\}'"])//g; # bleeps out html and shell commands (additional untaints done by programs)
$form{$name} = $value;
}
if ($form{path}) {
if (substr($form{path},0,1) eq '/') {$form{path} = substr($form{path},1)}
if (substr($form{path},-1) ne '/') {$form{path} .= '/'}
}
$program = $ENV{SCRIPT_NAME};
$root = $ENV{DOCUMENT_ROOT};
if ($form{directory}) {
$form{access}="AuthUserFile $root/$form{path}.htpasswd\nAuthGroupFile /dev/null\nAuthName \"$form{directory}\"\nAuthType Basic\n\n\nrequire valid-user\n";
$form{passwd}="$form{'login'}:" . &Crypt($form{'password'});
}
&OutputPage;
sub OutputPage {
print "Content-type: text/html\n\n";
print ".htaccess Generator\n";
print "\n";
}
sub Crypt {
my $pass_code = shift(@_);
my @chr = ('a'..'z');
my $s1= @chr[int(rand($#chr + 1))];
my $s2= @chr[int(rand($#chr + 1))];
my $salt = "$s1$s2";
my $crypt=crypt($pass_code,$salt);
return $crypt;
}