TITLE

#!/usr/bin/perl ####################################### # ForgotPassword 11/13/2000 # # # # CopyRight 2000 ZFC INTERNET # # http://www.zfc.com info@zfc.com # ####################################### require 5.003; require 'cgi-lib.pl'; $auth_user_file = "../Datafiles/testpass.dat"; &ReadParse(*in); $username = "$in{'username'}"; $email = "$in{'email'}"; if ($in{'forgot'} ne "" ){ print "Content-type: text/html\n\n"; &update_password(); print_thank(); } else{ print qq~ TITLE

Forgot Your Password?
Please enter your sername and the e-mail address you provided when your registered below. Your Password will be reset and the new password will be e-mailed to you

Username:
E-mail Address:

~; } #end else not request for update. sub update_password(){ # we seed the random generator for random stuff below srand(time|$$); $random = "abcdefghijklmnopqrstuvwxyz1234567890"; $password = ""; for (1..6) { $password .= substr($random,int(rand(36)),1); } $realpassword = $password; $salt = ""; # Note We do not re-seed the random generator from above for (1..2) { $salt .= substr($random,int(rand(36)),1); } $password = &AuthEncryptWrap ($password, $salt); &AuthGetFileLock ("$auth_user_file.lock"); open (USERFILE,"$auth_user_file") || &CgiDie("Could Not Open Data Base\n"); while () { $line = $_; chop ($line); @extra_fields = split(/\|/, $line); if ($username ne $extra_fields[1]) { $new_database .= "$line\n"; } if ($username eq $extra_fields[1] && $email eq $extra_fields[14]) { $passed = "1"; $extra_fields[0] = "$password"; $name = "$extra_fields[3]"; $validated_email = "$extra_fields[14]"; $new_entry = join ("|", @extra_fields); $new_database .= "$new_entry\n"; } } # End of While close (USERFILE); if ($passed eq "1"){ open (USERFILE,">$auth_user_file") || &CgiDie("Could Not Open Data Base\n"); print USERFILE "$new_database"; close (USERFILE); #E-mail the new password open (MAIL, "| /usr/lib/sendmail $validated_email"); print MAIL "From: zev\@zfc.com\n"; print MAIL "Subject: Your New Password\n\n"; print MAIL "To: $validated_email\n"; print MAIL "Dear $name,\n\n As per your request, you password has been reset. Here is your new password\n\nUsername:$username\nPassword:$realpassword\n\nRegards,\n\nZFC Consulting"; close MAIL; } #End if passed eq 1 &AuthReleaseFileLock ("$auth_user_file.lock"); } #end update_password. ######################################################### sub print_thank() { print qq~ ZFC.COM

Thank You. Please check your mailbox for your new password.

~; } #End of print thank you sub AuthEncryptWrap { local ($field, $salt) = @_; $field = crypt ($field, $salt); $field; } # end of encrypt sub AuthGetFileLock { local ($lock_file) = @_; local ($endtime); $endtime = 60; $endtime = time + $endtime; # We set endtime to wait 60 seconds # The $endtime is used for a timeout of how long we # want to keep waiting for the lock if someone else # already has it open. while (-e $lock_file && time < $endtime) { # Do Nothing } open(LOCK_FILE, ">$lock_file"); # flock(LOCK_FILE, 2); # 2 exclusively locks the file } # end of AuthGetFileLock sub AuthReleaseFileLock { local ($lock_file) = @_; # 8 unlocks the file # flock(LOCK_FILE, 8); close(LOCK_FILE); unlink($lock_file); } # end of ReleaseFileLock 1