From c07e853bb4a67a3b728b7546b36801eaef770c19 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Wed, 17 Sep 2014 12:26:56 -0400
Subject: Add a basic command line password reset script.

---
 etc/phpshellsessions/changepassword | 79 +++++++++++++++++++++++++++++++++++++
 1 file changed, 79 insertions(+)
 create mode 100644 etc/phpshellsessions/changepassword

(limited to 'etc/phpshellsessions')

diff --git a/etc/phpshellsessions/changepassword b/etc/phpshellsessions/changepassword
new file mode 100644
index 0000000..8d698fe
--- /dev/null
+++ b/etc/phpshellsessions/changepassword
@@ -0,0 +1,79 @@
+require_once("config.inc");
+require("auth.inc");
+require_once("functions.inc");
+
+global $g, $config, $argv, $userindex;
+$userindex = index_users();
+
+$args = array_slice($argv, 3);
+
+$password = "";
+$confpassword = "";
+$username = "";
+
+$fp = fopen('php://stdin', 'r');
+
+// If the first parameter is empty, ask for username
+if (empty($args[0])) {
+	echo gettext("Enter username: ");
+	$username = fgets($fp);
+} else {
+	$username = $args[0];
+}
+$username = trim($username);
+
+// If the user does not exist, bail
+$user =& getUserEntry($username);
+if ($user == NULL) {
+	printf(gettext("User '%s' does not exist.\n"), $username);
+	exit(-1);
+} else {
+	printf(gettext("Changing password for '%s'.\n"), $username);
+}
+
+// If the user does exist, prompt for password
+while (empty($password)) {
+	echo gettext("New Password") . ": ";
+	exec('/bin/stty -echo');
+	$password = trim(fgets($fp));
+	exec('/bin/stty echo');
+	echo "\n";
+}
+
+// Confirm password
+while (empty($confpassword)) {
+	echo gettext("Confirm New Password") . ": ";
+	exec('/bin/stty -echo');
+	$confpassword = trim(fgets($fp));
+	exec('/bin/stty echo');
+	echo "\n";
+}
+
+// Check if user is disabled
+if (is_account_disabled($username)) {
+	echo gettext("Acount is disabled, would you like to re-enable? [y|n]") . ": ";
+	if (strcasecmp(chop(fgets($fp)), "y") == 0) {
+		unset($user['disabled']);
+	}
+}
+// Check if user is expired
+if (is_account_expired($username)) {
+	echo gettext("Acount is expired, would you like to clear the expiration date? [y|n]") . ": ";
+	if (strcasecmp(chop(fgets($fp)), "y") == 0) {
+		unset($user['expires']);
+	}
+}
+
+fclose($fp);
+
+// Compare password and confirm
+if ($password == $confpassword) {
+	//Reset password
+	local_user_set_password($user, $password);
+	local_user_set($user);
+	write_config(sprintf(gettext("password changed for user '%s' from console."), $username));
+	exit(0);
+} else {
+	echo gettext("New and Confirm passwords did not match.") . "\n";
+	exit(-1);
+}
\ No newline at end of file
-- 
cgit v1.1