#!/usr/bin/perl
#
# CGI.pl - a few common, convenient CGI routines
#
# Copyright (1997) Advanced Internet Technologies, Inc.

# domain name for this cpanel
#
$mydomain = "vhhostname";
$myaccount = "vhname";

# start and HTML page, with Contents line
#
sub start_html {
   local($myti) = @_;
   print "Content-type: text/html\n\n";
   print <<"EndHTML";
<HTML>
<HEAD><TITLE>$myti</TITLE>
<!-- Control Panel Copyright (1997) Advanced Internet Technologies, Inc. -->
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000080" LINK="#800040" VLINK="#800040">

EndHTML
}

# print standard trailer and close HTML
#
sub end_html {
   print <<"EndHTML";
<ADDRESS>
VSMT the Virtual Server Management Tool
</ADDRESS>
</BODY>
</HTML>
EndHTML
}

# dump a message to an HTML page, then die
#
sub write_and_exit {
   local ($msg) = @_;
   &start_html("");
   print $msg;
   &end_html;
   exit(0);
}

# get form input, return %FORM
#
sub read_cgi_input {
   local ($method, $query, @keypairs, $keyvalue, $key, $value);
   $method = $ENV{'REQUEST_METHOD'};
   if ($method eq "GET") {
      $query = $ENV{'QUERY_STRING'};
   } elsif ($method eq "POST") {
      read (STDIN, $query, $ENV{'CONTENT_LENGTH'});
   } else {
      local ($msg) = "Unsupported method: $method\n";
      &write_and_exit($msg);
   }
   @keypairs = split(/&/,$query);
   foreach $keyvalue (@keypairs) {
      ($key,$value) = split(/=/,$keyvalue);
      $key =~ tr/+/ /;
      $key =~ s/%([\dA-Fa-f][\dA-Fa-f])/pack("C",hex($1))/eg;
      $value =~ tr/+/ /;
      $value =~ s/%([\dA-Fa-f][\dA-Fa-f])/pack("C",hex($1))/eg;
      $value =~ s/[\r\n]+$//;
      if (defined($FORM{$key})) {
         $FORM{$key} = join("\0",$FORM{$key},$value);
      } else {
         $FORM{$key} = $value;
      }
   }
}

# routine to encrypt the password (based on Mark Wensell's code)
#
sub generate_pw {
  local ($mypw) = @_;

  local @atoms,$n,$enc,@s,$salt;

  @atoms = split //,
  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";

  # seed the random number generator
  srand(time ^ $$);  # this should be adequate, we are only generating a salt
                     # not the passwd itself

  $n = int(rand 64);
  $s[0] = $atoms[$n];
  $n = int(rand 64);
  $s[1] = $atoms[$n];

  $salt = $s[0].$s[1];
  $enc = crypt($mypw, $salt);

  return($enc);
}

# check for sensitive usernames
#
sub unsafe_user {
  local ($myuser) = @_;
  return 1 if ($myuser eq $myaccount);
  return 1 if ($myuser eq "root");
  return 1 if ($myuser eq "mail");
  return 1 if ($myuser eq "cpanel");
  return 1 if ($myuser eq "nobody");
  return 1 if ($myuser eq "vroot");
  return 0;
}

# return 1 when 'require'd
1;