From 4727e6c09f88e63f02e6c8f359862d0c0942ed36 Mon Sep 17 00:00:00 2001
From: "terry%netscape.com" <>
Date: Wed, 16 Sep 1998 04:49:23 +0000
Subject: Everything has been ported to now run under Perl.

---
 changepassword.cgi | 63 ++++++++++++++++++++++++++++++++----------------------
 1 file changed, 38 insertions(+), 25 deletions(-)

(limited to 'changepassword.cgi')

diff --git a/changepassword.cgi b/changepassword.cgi
index 9e031bb16..8a8e5623d 100755
--- a/changepassword.cgi
+++ b/changepassword.cgi
@@ -1,5 +1,5 @@
-#! /usr/bonsaitools/bin/mysqltcl
-# -*- Mode: tcl; indent-tabs-mode: nil -*-
+#!/usr/bonsaitools/bin/perl -w
+# -*- Mode: perl; indent-tabs-mode: nil -*-
 #
 # The contents of this file are subject to the Mozilla Public License
 # Version 1.0 (the "License"); you may not use this file except in
@@ -18,61 +18,74 @@
 # Netscape Communications Corporation. All Rights Reserved.
 # 
 # Contributor(s): Terry Weissman <terry@mozilla.org>
-source "CGI.tcl"
 
-confirm_login
+#! /usr/bonsaitools/bin/mysqltcl
+# -*- Mode: tcl; indent-tabs-mode: nil -*-
+
+require "CGI.pl";
 
-if {![info exists FORM(pwd1)]} {
-    puts "Content-type: text/html
+confirm_login();
+
+if (! defined $::FORM{'pwd1'}) {
+    print "Content-type: text/html
 
 <H1>Change your password</H1>
 <form method=post>
 <table>
 <tr>
-<td align=right>Please enter the new password for <b>$COOKIE(Bugzilla_login)</b>:</td>
+<td align=right>Please enter the new password for <b>$::COOKIE{'Bugzilla_login'}</b>:</td>
 <td><input type=password name=pwd1></td>
 </tr>
 <tr>
 <td align=right>Re-enter your new password:</td>
 <td><input type=password name=pwd2></td>
 </table>
-<input type=submit value=Submit>"
-    exit
+<input type=submit value=Submit>\n";
+    exit;
 }
 
-if {![cequal $FORM(pwd1) $FORM(pwd2)]} {
-    puts "Content-type: text/html
+if ($::FORM{'pwd1'} ne $::FORM{'pwd2'}) {
+    print "Content-type: text/html
 
 <H1>Try again.</H1>
-The two passwords you entered did not match.  Please click <b>Back</b> and try again."
-    exit
+The two passwords you entered did not match.  Please click <b>Back</b> and try again.\n";
+    exit;
 }
 
 
-set pwd $FORM(pwd1)
+my $pwd = $::FORM{'pwd1'};
 
 
-if {![regexp {^[a-zA-Z0-9-_]*$} $pwd] || [clength $pwd] < 3 || [clength $pwd] > 15} {
-    puts "Content-type: text/html
+if ($pwd !~ /^[a-zA-Z0-9-_]*$/ || length($pwd) < 3 || length($pwd) > 15) {
+    print "Content-type: text/html
 
 <H1>Sorry; we're picky.</H1>
 Please choose a password that is between 3 and 15 characters long, and that
 contains only numbers, letters, hyphens, or underlines.
 <p>
-Please click <b>Back</b> and try again."
-    exit
+Please click <b>Back</b> and try again.\n";
+    exit;
 }
 
 
-puts "Content-type: text/html\n"
+print "Content-type: text/html\n\n";
+
+# Generate a random salt.
+
+sub x {
+    my $sc="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./";
+    return substr($sc, int (rand () * 100000) % (length ($sc) + 1), 1);
+}
+my $salt  = x() . x();
+
+my $encrypted = crypt($pwd, $salt);
 
-SendSQL "select encrypt('$pwd')"
-set encrypted [lindex [FetchSQLData] 0]
+SendSQL("update profiles set password='$pwd',cryptpassword='$encrypted' where login_name=" .
+        SqlQuote($::COOKIE{'Bugzilla_login'}));
 
-SendSQL "update profiles set password='$pwd',cryptpassword='$encrypted' where login_name='[SqlQuote $COOKIE(Bugzilla_login)]'"
-SendSQL "update logincookies set cryptpassword = '$encrypted' where cookie = $COOKIE(Bugzilla_logincookie)"
+SendSQL("update logincookies set cryptpassword = '$encrypted' where cookie = $::COOKIE{'Bugzilla_logincookie'}");
 
-puts "<H1>OK, done.</H1>
+print "<H1>OK, done.</H1>
 Your new password has been set.
 <p>
-<a href=query.cgi>Back to query page.</a>"
+<a href=query.cgi>Back to query page.</a>\n";
-- 
cgit v1.2.3-24-g4f1b