#!/usr/bin/perl -wT
use CGI qw(standard);
use CGI::Carp qw(fatalsToBrowser);
use Apache::Htpasswd;

my $htpasswd="htpasswd";
my $main=new CGI();
print $main->header;
print $main->start_html('Password Administration');
$main->import_names('Q');

if ($Q::form) {
        if (($Q::username) && ($Q::oldpass) && ($Q::newpass)) {
                # all the forms have been entered
                &change_pass
        } else {
                print "please fill in all fields";
        }
} else {
        # must be a first time customer
        print $main->startform;
        print "<table border=0 cellpadding=1 cellspacing=0>\n";
        print "<tr><td>Username: </td><td>",$main->textfield(-name=>'username',-size=>30),"</td></tr>";
        print "<tr><td>Password: </td><td>",$main->password_field(-name=>'oldpass',-size=>30),"</td></tr>";
        print "<tr><td>New Password: </td><td>",$main->password_field(-name=>'newpass',-size=>30),"</td></tr>";
        print "<tr><td>&nbsp;</td><td>",$main->submit(-name=>'form',-value=>'Change Password'),"</td></tr></tab
le>";
}


sub change_pass {
        if (-e $htpasswd) { # if the htpasswd file exists
                my $htpass = new Apache::Htpasswd("$htpasswd");
	# use Apache::Htpasswd's builtin function to verify old pass before changing
                $htpass->htpasswd($Q::username,$Q::newpass,$Q::oldpass);
	# get errors (if any)
                my $err=$htpass->error;
                if ($err) {
                        print "Error. Most likely due to an inccorect password or username \n";
                } else {
			## must be no errors
                        print "user $Q::username password changed\n";
                }
        } else {
                print "$htpasswd cannot be found\n";
        }
}