認証

#!/usr/local/bin/perl ############################################### # rest7.cgi # V2.0 (2005.1.8) # Copyright(C) CGI-design ############################################### $script = 'rest7.cgi'; $base = './restdata'; #データ格納ディレクトリ $opfile = "$base/option.cgi"; open (IN,"$opfile") || &error("OPEN ERROR"); $opdata = ; close IN; if (!$opdata) { $pass = &crypt('cgi'); chmod(0666,$opfile); open (OUT,">$opfile") || &error("OPEN ERROR"); print OUT "$pass<>$pass<>"; close OUT; } ###　メイン処理　### if ($ENV{'REQUEST_METHOD'} eq "POST") {read(STDIN,$in,$ENV{'CONTENT_LENGTH'});} else {$in = $ENV{'QUERY_STRING'};} foreach (split(/&/,$in)) { ($n,$val) = split(/=/); $val =~ tr/+/ /; $val =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $val =~ s/&/&/g; $val =~ s//>/g; $val =~ s/"/"/g; $val =~ s/\r\n|\r|\n/
/g; $in{$n} = $val; } $mode = $in{'mode'}; open (IN,"$opfile") || &error("OPEN ERROR"); ($pass,$pw,$resturl) = split(/<>/,); close IN; if ($mode eq 'admin') {&admin;} else {&main;} print "\n"; exit; ### sub header { print "Content-type: text/html\n\n"; print "\n"; print "認証\n"; $head = 1; } ### sub main { if ($in{'pw'} eq '') {&error("パスワードを入力して下さい");} $mat = &decrypt($in{'pw'},$pw); if (!$mat) {&error("パスワードが違います");} if (!$resturl) {&error("ＵＲＬが設定されていません");} &header; print "\n"; } ### sub admin { &header; print "\n"; $inpass = $in{'pass'}; if ($inpass eq '') { print "

管理パスワードを入力して下さい

\n"; print "\n"; print "\n"; exit; } $mat = &decrypt($inpass,$pass); if (!$mat) {&error("管理パスワードが違います");} if ($in{'wrt'}) { if ($in{'newpass'} ne '') {$pass = &crypt($in{'newpass'});} if ($in{'newpw'} ne '') {$pw = &crypt($in{'newpw'});} $resturl = $in{'resturl'}; open (OUT,">$opfile") || &error("OPEN ERROR"); print OUT "$pass<>$pw<>$resturl"; close OUT; } print "

下記に入力後、「設定する」を押して下さい。\n"; print "
\n"; # 次の行は著作権表示ですので削除しないで下さい。# print "CGI-design\n"; print "\n"; } ### sub crypt { @salt = ('a' .. 'z','A' .. 'Z','0' .. '9'); srand; $salt = "$salt[int(rand($#salt))]$salt[int(rand($#salt))]"; return crypt($_[0],$salt); } ### sub decrypt { $salt = $_[1] =~ /^\$1\$(.*)\$/ && $1 || substr($_[1],0,2); if (crypt($_[0],$salt) eq $_[1] || crypt($_[0],'$1$' . $salt) eq $_[1]) {return 1;} return 0; } ### sub error { if (!$head) {&header; print "\n";} print "

ERROR !!

$_[0]\n"; print "\n"; exit; }