From e9192b3d42660a5781101df4357d276318151e8a Mon Sep 17 00:00:00 2001
From: Jules Laplace <carbon@melanarchy.org>
Date: Fri, 2 Aug 2013 17:14:41 -0500
Subject: cgi-bin & lib

---
 cgi-bin/login | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 86 insertions(+)
 create mode 100755 cgi-bin/login

(limited to 'cgi-bin/login')

diff --git a/cgi-bin/login b/cgi-bin/login
new file mode 100755
index 0000000..0335549
--- /dev/null
+++ b/cgi-bin/login
@@ -0,0 +1,86 @@
+#!/usr/bin/perl
+#########################################
+# login
+# no input: print form
+# input: set cookie, send along to index
+#########################################
+
+if (-e "/var/www/vhosts/carbonpictures.com/bucky/lock")
+  {
+  print "Content-type: text/html\nPragma: no-cache\n\n";
+  print "<center><big><b><br>" . $BUCKY_CONFIG->{BUCKY_NAME} . " is down for maintenance!<p>please check back in a bit.</b></big></center>";
+  exit(0);
+  }
+
+if (! exists $ENV{'HTTPS'} || $ENV{'HTTPS'} ne "on")
+	{
+	print "Location: https://www.carbonpictures.com/cgi-bin/bucky/index\n\n";
+	exit;
+	}
+use localbucky;
+
+$dbh = DBI->connect ($dsn);
+
+# Check to see if user has supplied a username for login
+if (exists($input->{username}))
+  {
+  if ($DEBUG)
+    { header("login"); }
+
+  # Look up user, based on username and password
+  my ($USER) = auth( $input->{username}, crypt($input->{password}, lc($input->{username}) ) );
+
+  # No such user, or password failed, so redirect to logout
+  if ($USER == -1)
+    { print "password failed<br>\n" if $DEBUG; logout(); }
+
+  # User successfully logged in! Update the last login time
+  update_lastsession( $USER->{username} );
+  $USER->{lastsession} = $USER->{lastseen};
+
+  if ($DEBUG)
+    {
+    print "<div class=\"message\">\n";
+    print "uid: $USER->{id}\n<p>username: $USER->{username}\n<p>\n";
+    print "</div>\n";
+    footer();
+    }
+
+  nice_redirect();
+  }
+
+# Else, if there's an i=1 query string, redirect to adduser program
+elsif (exists($input->{i}) && $input->{i} == 1)
+  { redirect("$BUCKY/adduser?i=1"); }
+
+# Else, no username, so just display the login page
+else
+  {
+  header("login");
+  print qq{<hr color="$BUCKY_COLOR_HR" style="padding: 0px; margin: 2px;"><br><br><br><center><div class=message>};
+
+  # Display any login errors
+  if ($input->{error} == 1)
+    { print "bad username/password!<br>"; }
+  elsif ($input->{error} == 2)
+    { print "illegal traversal!<br>"; }
+
+  print "<b>$BUCKY_LOGIN_WELCOME</b>";
+  print qq{</b><br>\n<hr color="$BUCKY_COLOR_HR">\n\n};
+
+  login_form();
+
+  print qq(<p>\n<small>\n);
+#  print qq(<a href="$BUCKY/index"><b>tour</b> the hacklab</a>);
+#  print qq(<p>want an account?<br><a href="$BUCKY/invite">request one</a><br>);
+  print qq(</small></div></center>\n\n);
+
+  footer();
+  }
+
+$dbh->disconnect ();
+print "Login: " . &report_time() . "\n" if $timer;
+
+
+#########################################
+
-- 
cgit v1.2.3-70-g09d2