I will assume you are writing a set of utilities to aid in your system management processes and have taken the proper steps to secure this application from anyone but those authorized to use it. You have done this, right? Good. Because if this is unprotected or on a public web server, you are just asking to get hacked. And, of course, you are checking every argument that comes in from the form for length and invalid characters, right?

The ability to look up account information is built into perl. Use the getpwnam() function to look up an account by name. But you may still have a race condition. If two people request the same account name between invocations of the cron job, you can still end up with duplicate account names. You will have to also search the list of pending account creations. You should also set up some interlocks to make sure two copies of your application aren't performing searches at the same time.

Personally, I wouldn't allow this type of stuff on a network I managed. Web apps are too easily hacked. Use ssh and be absolutely certain of what accounts are being created on your machine and how.

---
print map { my ($m)=1<<hex($_)&11?' ':'';
$m.=substr('AHJPacehklnorstu',hex($_),1) }
split //,'2fde0abe76c36c914586c';
[download]