#!C:/perl/bin/perl
use strict;
use warnings;
use warnings FATAL => qw(uninitialized);
use Apache::Htpasswd;

### Configuration

my $self_url = 'htpasswd.cgi';
my $htpasswd_filename = '/path/to/.htpasswd';

### End of configuration

package EncodeHTML;

use strict;
use warnings;
use warnings FATAL => qw(uninitialized);

use Carp;

sub TIEHASH
{
  my ($self, $quot) = @_;
  $quot = '' if !defined($quot);
  return bless \$quot, $self;
}

sub FETCH
{
  my ($self, $s) = @_;
  my $quot = $$self;
  if (defined($s)) {
    $s =~ s/&/&/g;
    $s =~ s/</&lt;/g;
    $s =~ s/>/&gt;/g;
    $s =~ s/"/&quot;/g if $quot eq '"';
    $s =~ s/'/&apos;/g if $quot eq "'";
  }
  return $s;
}

sub STORE
{
  croak 'EncodeHTML-tied hash is read-only';
}

sub DELETE
{
  croak 'EncodeHTML-tied hash is read-only';
}

sub CLEAR
{
  croak 'EncodeHTML-tied hash is read-only';
}

sub EXISTS
{
  my ($self, $s) = @_;
  return 1;
}

sub FIRSTKEY
{
  croak 'EncodeHTML-tied hash cannot be enumerated';
}

sub NEXTKEY
{
  croak 'EncodeHTML-tied hash cannot be enumerated';
}

sub SCALAR
{
  my ($self) = @_;
  return 'EncodeHTML-tied hash';
}

package main;

use vars qw(%HTML %HTML_q);
tie %HTML, 'EncodeHTML';
tie %HTML_q, 'EncodeHTML', '"';

sub nz
{
    while (1) {
        return '' if !@_;
        return $_[0] if defined($_[0]);
        shift @_;
    }
}

my $method = $ENV{'REQUEST_METHOD'};
if ($method eq 'GET' || $method eq 'HEAD') {
    print <<"EOS";
Content-Type: text/html;charset=ISO-8859-1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML lang="en">
  <HEAD>
    <META http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
    <TITLE>Change password</TITLE>
  </HEAD>
  <BODY>
    <FORM action="$HTML_q{$self_url}" method="post">
      <TABLE>
        <COL><COL>
        <TR><TH>User:</TH>  <TD><INPUT type="text" name="user" size="20"></TD></TR>
        <TR><TH>Old:</TH>   <TD><INPUT type="password" name="old" size="20"></TD></TR>
        <TR><TH>New:</TH>   <TD><INPUT type="password" name="new" size="20"></TD></TR>
        <TR><TH>Retype:</TH><TD><INPUT type="password" name="new2" size="20"></TD></TR>
        <TR><TD colspan="2"><INPUT type="submit" value="Change password"> <INPUT type="reset" value="Clear"></TD></TR>
      </TABLE>
    </FORM>
  </BODY>
</HTML>
EOS
    exit;
}
elsif ($method eq 'POST') {
    my $in;
    read STDIN, $in, $ENV{'CONTENT_LENGTH'};
    my %in;
    foreach my $param (split(/[&;]/, $in)) {
        if ($param =~ /^([^=]+)=(.*)$/) {
            my $name = $1;
            my $value = $2;
            $name =~ tr/+/ /;
            $name =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/eg;
            $value =~ tr/+/ /;
            $value =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/eg;
            $in{$name} = $value;
        }
    }
    my $user = nz($in{'user'});
    my $old = nz($in{'old'});
    my $new = nz($in{'new'});
    my $new2 = nz($in{'new2'});
    if ($new ne $new2) {
        print <<"EOS";
Content-Type: text/html;charset=ISO-8859-1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML lang="en">
  <HEAD>
    <META http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
    <TITLE>Passwords do not match</TITLE>
  </HEAD>
  <BODY>
    <P>Two new passwords do not match.  <A href="$HTML_q{$self_url}">Please try again</A>.</P>
  </BODY>
</HTML>
EOS
        exit;
    }
    if ($new eq '') {
        print <<"EOS";
Content-Type: text/html;charset=ISO-8859-1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML lang="en">
  <HEAD>
    <META http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
    <TITLE>Weak password</TITLE>
  </HEAD>
  <BODY>
    <P>New password is too weak.  <A href="$HTML_q{$self_url}">Please try again</A>.</P>
  </BODY>
</HTML>
EOS
        exit;
    }
    my $htpasswd = new Apache::Htpasswd($htpasswd_filename);
    if (!$htpasswd->htpasswd($user, $new, $old)) {
        print <<"EOS";
Content-Type: text/html;charset=ISO-8859-1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML lang="en">
  <HEAD>
    <META http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
    <TITLE>Username or password is incorrect</TITLE>
  </HEAD>
  <BODY>
    <P>Username or password is incorrect.  <A href="$HTML_q{$self_url}">Please try again</A>.</P>
  </BODY>
</HTML>
EOS
        exit;
    }
    print <<"EOS";
Content-Type: text/html;charset=ISO-8859-1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML lang="en">
  <HEAD>
    <META http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
    <TITLE>Password is successfully changed</TITLE>
  </HEAD>
  <BODY>
    <P>Password is successfully changed.</P>
  </BODY>
</HTML>
EOS
}
else {
    print <<"EOS";
Status: 405 Method not allowed
Allow: GET, HEAD, POST
Content-Type: text/html;charset=ISO-8859-1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML lang="en">
  <HEAD>
    <META http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
    <TITLE>405 Method not allowed</TITLE>
  </HEAD>
  <BODY>
    <P>405 Method not allowed</P>
  </BODY>
</HTML>
EOS
}