blob: 0335549f767af216ec773f1b4831d8fd3ae9b1ff (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
#!/usr/bin/perl
#########################################
# login
# no input: print form
# input: set cookie, send along to index
#########################################
if (-e "/var/www/vhosts/carbonpictures.com/bucky/lock")
{
print "Content-type: text/html\nPragma: no-cache\n\n";
print "<center><big><b><br>" . $BUCKY_CONFIG->{BUCKY_NAME} . " is down for maintenance!<p>please check back in a bit.</b></big></center>";
exit(0);
}
if (! exists $ENV{'HTTPS'} || $ENV{'HTTPS'} ne "on")
{
print "Location: https://www.carbonpictures.com/cgi-bin/bucky/index\n\n";
exit;
}
use localbucky;
$dbh = DBI->connect ($dsn);
# Check to see if user has supplied a username for login
if (exists($input->{username}))
{
if ($DEBUG)
{ header("login"); }
# Look up user, based on username and password
my ($USER) = auth( $input->{username}, crypt($input->{password}, lc($input->{username}) ) );
# No such user, or password failed, so redirect to logout
if ($USER == -1)
{ print "password failed<br>\n" if $DEBUG; logout(); }
# User successfully logged in! Update the last login time
update_lastsession( $USER->{username} );
$USER->{lastsession} = $USER->{lastseen};
if ($DEBUG)
{
print "<div class=\"message\">\n";
print "uid: $USER->{id}\n<p>username: $USER->{username}\n<p>\n";
print "</div>\n";
footer();
}
nice_redirect();
}
# Else, if there's an i=1 query string, redirect to adduser program
elsif (exists($input->{i}) && $input->{i} == 1)
{ redirect("$BUCKY/adduser?i=1"); }
# Else, no username, so just display the login page
else
{
header("login");
print qq{<hr color="$BUCKY_COLOR_HR" style="padding: 0px; margin: 2px;"><br><br><br><center><div class=message>};
# Display any login errors
if ($input->{error} == 1)
{ print "bad username/password!<br>"; }
elsif ($input->{error} == 2)
{ print "illegal traversal!<br>"; }
print "<b>$BUCKY_LOGIN_WELCOME</b>";
print qq{</b><br>\n<hr color="$BUCKY_COLOR_HR">\n\n};
login_form();
print qq(<p>\n<small>\n);
# print qq(<a href="$BUCKY/index"><b>tour</b> the hacklab</a>);
# print qq(<p>want an account?<br><a href="$BUCKY/invite">request one</a><br>);
print qq(</small></div></center>\n\n);
footer();
}
$dbh->disconnect ();
print "Login: " . &report_time() . "\n" if $timer;
#########################################
|
