lighttpd remote signups

[sql-web.git] / batch / signup.php

diff --git a/batch/signup.php b/batch/signup.php
index c06b5fc781991b3ee31671eee9b533c1f6c735de..20175b97dfdfc7ac28a242af27095208aeb1447e 100755 (executable)
--- a/batch/signup.php
+++ b/batch/signup.php
@@ -1,4 +1,4 @@
-#!/usr/bin/php
+#!/usr/bin/php -q
 <?php
 
 require_once(dirname(__FILE__).'/../mitsql.cfg.php');
@@ -6,21 +6,28 @@ require_once('mitsql.lib.php');
 
 require_once('batch.inc.php');
 
-$callingUnix = posix_getpwuid(posix_getuid());
+if (isset($argv) && count($argv)>=4) {
+    $myUsername = $argv[1];
+    $myUID = $argv[3];
+    if ($myUID<100) exit('bad UID');
+} elseif (defined('SIGNUP_PW') && strlen(SIGNUP_PW) && (isset($_SERVER['HTTP_AUTHORIZATION']) || isset($_SERVER['PHP_AUTH_PW'])) && SIGNUP_PW == $_SERVER['PHP_AUTH_PW']) {
+    $myUsername = $i_u;
+} else {
+    exit;
+}
 
-$myUsername = escapeshellcmd($callingUnix['name']);
-$hesinfo = explode(':', trim(`hesinfo $myUsername passwd`));
+if (empty($myUsername)) exit('bad User');
+$hescmd = "hesinfo $myUsername passwd";
+$hesinfo = explode(':', trim(exec($hescmd)));
 if (count($hesinfo)>=4) {
        $myName = explode(',', $hesinfo[4]);
        $myName = array_shift($myName);
 } else {
        $myName = $myUsername;
 }
-$myUID = $callingUnix['uid'];
 $myEmail = $myUsername.'@mit.edu';
-$myPassword = substr(uniqid(),0,7);
-
-if ($myUID<1000) exit;
+$myPassword = trim(exec(dirname(__FILE__).'/../bin/nicepass.py'));
+if (empty($myPassword)) exit('bad Password');
 
 $Login = new Login($myUsername);
 if (!$Login->exists() && !empty($myUsername)) {
@@ -30,7 +37,7 @@ if (!$Login->exists() && !empty($myUsername)) {
 if ($Login->canSignup()) {
        $User = new User($Login->getUserId());
        $User->signup($myPassword);
-       die($myPassword);
+       exit($myPassword);
 }
 
 ?>