| Server IP : 49.231.201.246 / Your IP : 216.73.216.248 Web Server : Apache/2.4.18 (Ubuntu) System : Linux 246 4.4.0-210-generic #242-Ubuntu SMP Fri Apr 16 09:57:56 UTC 2021 x86_64 User : root ( 0) PHP Version : 7.0.33-0ubuntu0.16.04.16 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/webmin/passwd/ |
Upload File : |
#!/usr/bin/perl
# Change a user's password knowing the old one. For user only via anonymous
# API calls.
$trust_unknown_referers = 1;
require './passwd-lib.pl';
&ReadParse();
print "Content-type: text/plain\n\n";
# Validate inputs
keys(%in) || &error_exit("Required parameters are 'user' (Unix username), 'old' (Old password) and 'new' (New password)");
my $err = &apply_rate_limit($ENV{'REMOTE_ADDR'});
&error_exit($err) if ($err);
$in{'user'} || &error_exit("Missing user parameter");
$in{'old'} || &error_exit("Missing old parameter");
$in{'new'} || &error_exit("Missing new parameter");
$ENV{'ANONYMOUS_USER'} || &error_exit("Can only be called in anonymous mode");
$ENV{'REQUEST_METHOD'} eq 'POST' ||
&error_exit("Passwords can only be submitted via POST");
&foreign_installed("useradmin") ||
&error_exit("Users and Groups module is not supported on this OS");
# Validate user and pass
my $err = &apply_rate_limit($in{'user'});
&error_exit($err) if ($err);
&foreign_require("useradmin");
my $user = &find_user($in{'user'});
$user || &error_exit("User does not exist");
&useradmin::validate_password($in{'old'}, $user->{'pass'}) ||
&error_exit("Incorrect password");
my $err = &useradmin::check_password_restrictions(
$in{'new'}, $in{'user'}, $user);
&error_exit("Invalid password : $err") if ($err);
# Do the change
&clear_rate_limit($ENV{'REMOTE_ADDR'});
&clear_rate_limit($in{'user'});
eval {
local $main::error_must_die = 1;
&change_password($user, $in{'new'}, 1);
};
if ($@) {
&error_exit($@);
}
else {
print "OK: Password changed for $in{'user'}\n";
}
sub error_exit
{
print "FAILED: ",join("", @_),"\n";
exit(0);
}