hi dear,
don't u worry ur problem is solved. this script would help u. this is written in expect. first download it and then compile it. now u have to make a web page containing a form and then give that form your user name, old passwd and new passwd and on submit call this cgi script. your password will change. variable or text boxes u required on ur web form are name, old, new1 and new2.
have fun dear.
#!/usr/local/src/expect-5.38/expect --
# This is a CGI script to process requests created by the accompanying
# passwd.html form. This script is pretty basic, although it is
# reasonably robust. (Purposely intent users can make the script bomb
# by mocking up their own HTML form, however they can't expose or steal
# passwords or otherwise open any security holes.) This script doesn't
# need any special permissions. The usual (ownership nobody) is fine.
#
# Don Libes, NIST
# Modified virtually beyond all recognition by
# Jim Levie (jim@entrophy-free.net) to work properly under Solaris or Linux.
puts "Content-type: text/html\n" ;# note extra newline
puts "
<head>
<title>Passwd Change Acknowledgment</title>
</head>
<h2>Passwd Change Acknowledgment</h2>
"
proc cgi2ascii {buf} {
regsub -all {\+} $buf { } buf
regsub -all {([\\["$])} $buf {\\\1} buf
regsub -all -nocase "%0d%0a" $buf "\n" buf
regsub -all -nocase {%([a-f0-9][a-f0-9])} $buf {[format %c 0x\1]} buf
eval return \"$buf\"
}
foreach pair [split [read stdin $env(CONTENT_LENGTH)] &] {
regexp (.*)=(.*) $pair dummy varname val
set val [cgi2ascii $val]
set var($varname) $val
}
log_user 0
proc errormsg {s} {puts "<h3>Error: $s</h3>"}
proc successmsg {s} {puts "<h3>$s</h3>"}
# Need to su first to get around passwd's requirement that passwd cannot
# be run by a totally unrelated user. Seems rather pointless since it's
# so easy to satisfy, eh?
#
# Solaris 2.6 & later needs the -r option to specify which
# password service (files, nis, nisplus) see man passwd. Linux
# has passwd in a different location and doesn't need the
# service specification. (Note that I no longer have anything
# earlier than 2.6 to test with, you've been warned... there be
# dragons here).
#
# BIG NOTE!!! Linux has to have the "sleep 1" between each of
# the "expect/send" pairs. It puts out the prompt before it's actually
# ready to take input. You can comment them out for Solaris, but
# it doesn't hurt for them to be there and might be a plus
# busy server. (there be really big dragons here...)
#
# Change as appropriate to reflect where your passwd executable is
#
# The next line (commented out) is for Solaris, the one following is
# for Linux
#
#spawn /bin/su $var(name) -c "/bin/passwd -r files $var(name)"
spawn /bin/su $var(name) -c "/usr/bin/passwd"
sleep 1
expect {
"Unknown (login|id):" {
errormsg "unknown user: $var(name)"
exit
} -re "(.*) does not exist" {
errormsg "unknown user: $var(name)"
exit
} default {
errormsg "$expect_out(buffer)"
exit
} "Password:"
}
send "$var(old)\r"
sleep 1
expect {
"Sorry" {
errormsg "Old password incorrect"
exit
} "incorrect passwd" {
errormsg "Old password incorrect"
exit
} default {
errormsg "$expect_out(buffer)"
exit
} -re "(.*)(login|UNIX) password:"
}
send "$var(old)\r"
sleep 1
expect {
"Sorry" {
errormsg "Old password incorrect"
exit
} default {
errormsg "$expect_out(buffer)"
exit
} -re "New (.*)password:"
}
send "$var(new1)\r"
sleep 1
expect {
-re "passwd.SYSTEM.(.*)" {
errormsg "$expect_out(buffer)"
exit
} -re "BAD(.*)" {
errormsg "$expect_out(buffer)"
exit
} "passwd: Authentication token manipulation error" {
errormsg "Old Password incorrect"
exit
} default {
errormsg "Unknown error from passwd"
exit
} -re "Re(.*) password:"
}
send "$var(new2)\r"
sleep 1
expect {
-re "passwd(.*) try again" {
errormsg "$expect_out(buffer)"
exit
} -re "Sorry,(.*)" {
errormsg "$expect_out(buffer)"
exit
} default {
errormsg "Unknown error from passwd"
exit
} -re "(.*) successfully changed (.*)" {
successmsg "Password successfully changed"
exit
} -re "(.*) updated successfully" {
successmsg "Successfully updated password"
exit
}
}
close
wait
