So we have a script that connects to a database and pulls down a list of usernames passwords. Then we have a subroutine that hits the login and password with /usr/local/apache2/bin/htpasswd -bc then dumps them in to a /tmp/file.
Some users were unalbe to log in
sub getUsers {
$dbUser = shift;
$dbPass = shift;
$dbSid = shift;
$dbh = DBI->connect("dbi:Oracle:$dbSid","$dbUser","$dbPass") or die( "Couldn't connect: $!" );
$sql = "SELECT user_name,passwd FROM login_tbl";
$sth = $dbh->prepare($sql);
$sth->execute();
while ( ( $user_name,$passwd ) = $sth->fetchrow_array ) {
$passwd = quotemeta($passwd);
updatePasswdFile($user_name,$passwd);
}
$dbh->disconnect();
}
sub updatePasswdFile {
$file = "/tmp/tmpusers";
$user = shift;
$pass = shift;
print "Adding user: $user\n";
$cmd = "$prefs{htpasswd} -b $file $user $pass";
system($cmd);
}
What i discovered is that the htpasswd was not processing logins or passwords with a "$" symbol in them.
bash-3.00$
bash-3.00$ /usr/local/apache2/bin/htpasswd -bc /tmp/error.htpasswd zions$lee test
Adding password for user zions
bash-3.00$
bash-3.00$ cat /tmp/error.htpasswd
zions:$apr1$2YZZsgEK$csp6L7vbO81YYNSaRCdZQ/
bash-3.00$
bash-3.00$ /usr/local/apache2/bin/htpasswd -bc /tmp/error.htpasswd "zions$lee" test
Adding password for user zions
bash-3.00$
bash-3.00$ cat /tmp/error.htpasswd
zions:$apr1$AQOnDHdP$xBdm0AB3WZN.1cIeNLXUw/
bash-3.00$
bash-3.00$ /usr/local/apache2/bin/htpasswd -bc /tmp/error.htpasswd "zions\$lee" test
Adding password for user zions$lee
bash-3.00$
bash-3.00$
bash-3.00$ cat /tmp/error.htpasswd
zions$lee:$apr1$kmnQqi6K$bNKp0Ly8Pn.dqk.gEPb2H.
bash-3.00$
bash-3.00$
bash-3.00$
I have a regex /^\\S+\\s\\S+$/ that can find when both words have dollars signs - I am having trouble alteranting the regex like in the cases where just the login has the '$" character, or vice-versa, just the password.
I am putting a if statement that escapes the "$" character, but i am having a hell of a time putting the " " (quotes) in the varaible. how do i get and alternating regex one, the other or boths, and how do I escape the username (or password or both) with a dollar sign in the $user (or $pass) variable?
This is waht i have so far:
#!/usr/bin/perl
$escaping_file = $ARGV[0];
open( $filehandle, "<" , "$escaping_file" ) || die "can't access the file : $!";
while (<$filehandle>) {
chomp;
if ($_ =~ /^\$?\w+\$+\w+\$?$/g) {
s/\$/\\\$/g ;
$escaped_wquotes = qq("$_") ;
print "$escaped_wquotes\n";
}
}
[casper@casper]$ ./check_escapes 2013Nov14.logins
"uho\$test2"
"uho\$test3"
"ishi\$jg"
"bs\$test"
"uho\$test"
"boa\$jb"
"ishi\$b2"
"fb\$test"
"boston\$ny"
"stp\$test"
"tec\$stp3"
"bc\$test"
You are forming an incorrect shell command.
use String::ShellQuote qw( shell_quote );
my $shell_cmd = shell_quote($prefs{htpasswd}, '-b', $file, $user, $pass);
system($shell_cmd);
But why are you invoking a shell at all?
system($prefs{htpasswd}, '-b', $file, $user, $pass);
尝试$cmd = "$prefs{htpasswd} -b '$file' '$user' '$pass'";
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.