#!/usr/bin/perl
#
# Webprotect - A unified script for simple webspace directory protection and
# authorized user management
#
# Copyright 1997 Rick Franchuk - TranSpecT Consulting for NetNation Communications
#
# $Id: webprotect,v 1.1 1997/05/22 02:55:29 root Exp $
#
# $Log: webprotect,v $
# Revision 1.1 1997/05/22 02:55:29 root
# Initial revision
#
# Nov 2001 - Fix to accommodate spaces. Chris Marchesi (chrism\@netnation.com)
sub dodie {
die "\nwebprotect - Simple webspace password protection/user management tool\n\n@_\n";
}
# $pwd = $ENV{'PWD'}; chop $pwd;
$pwd = $ENV{'PWD'};
$function = shift @ARGV;
die '
webprotect - Simple webspace password protection/user management tool
Usage: webprotect [function [user]]
webprotect prot - Password-protect the current directory
webprotect unprot - Remove protection from the current directory
webprotect add USER - Add or change the password of "USER"
webprotect del USER - Remove "USER" from the authorized list
Revision: $Id: webprotect,v 1.1 1997/05/22 02:55:29 root Exp $
' if($function eq "" || $function !~ /^(prot|unprot|add|del)/);
dodie "ERROR: You don't own this directory." if(! -O "." && $> .htpasswd") || dodie "ERROR: You don't have permission to protect this directory.";
close HTP;
open(OUT, "> .htaccess") || dodie "ERROR: You don't have permission to protect this directory.";
print OUT "
Require valid-user
AuthType Basic
AuthName this_protected_area
AuthUserFile \"$pwd/.htpasswd\"
";
close OUT;
print '
webprotect - Simple webspace password protection/user management tool
SUCCESS: Directory now requires password authorization when viewed from a web browser.
You\'ll probably want to add some authorized members using the "webprotect add" command.
';
exit;
}
# All functions from here on need an existing ".htaccess" file
dodie "ERROR: Directory is not protected." if(! -f ".htaccess");
# Unprotect Directory
if($function =~ /^unprot/i) {
dodie "ERROR: You don't have permission to unprotect this directory." if(! -w ".htaccess" || ! unlink ".htaccess");
# Unlink the .htpasswd file if it exists, don't bitch if it doesn't
unlink ".htpasswd";
print '
webprotect - Simple webspace password protection/user management tool
SUCCESS: The directory has been unprotected.
';
exit;
}
# All functions from here on need a username
$user = shift @ARGV;
dodie "ERROR: The '$function' function needs a username. Try\n\nwebprotect $function USER" if($user eq "");
# All functions from here need a writable password file
dodie "ERROR: You don't have permission to modify the password file." if( -f ".htpasswd" && ! -w ".htpasswd");
# Add a user to .htpasswd
if($function =~ /^add/i) {
exec "/usr/bin/htpasswd .htpasswd $user" if( -f ".htpasswd" );
exec "/usr/bin/htpasswd -c .htpasswd $user" if(! -f ".htpasswd");
dodie "ERROR: *MAJOR PROBLEM!* Please inform support\@netnation.com immediately!";
}
# Delete a user
open(IN, "< .htpasswd") || dodie "ERROR: You don't have permission to read the password file.";
@tmp = ;
close IN;
$flag = 0;
foreach(@tmp) { if(/^$user:/) { $flag =1 ; last; } }
dodie "Couldn't find user '$user'. Typo? Remember, upper/lowercase counts..." if($flag == 0);
open(OUT, "> .htpasswd") || dodie "ERROR: Problem writing new .htpasswd file. Please inform support\@netnation.com";
foreach(@tmp) {
next if(/^$user:/);
print OUT $_;
}
close OUT;
print "\nwebprotect - Simple webspace password protection/user management tool\n\nSUCCESS: User '$user' has been removed.\n";