2 # MySQL-auth version 1.0
3 # Anders Nordby <anders@fix.no>, 2002-01-20
4 # This script is usable for authenticating users against a MySQL database with
5 # the Apache module mod_auth_external or mod_authnz_external. See
6 # http://unixpapa.com/mod_auth_external/ for mod_auth_external.
8 # Updates to this script will be made available on:
9 # http://anders.fix.no/software/#unix
11 my $dbhost="localhost";
12 my $dbuser="validator";
13 my $dbpw="whatagoodpassword";
16 my $mychars="01234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-_,.";
18 # Below this, only the SQL query should be interesting to modify for users.
24 # 0: string 1: valid characters
29 while ($ok && $i < length($_[0])) {
30 if (index($_[1], substr($_[0],$i,1)) == -1) {
38 # Get the name of this program
39 $prog= join ' ',$0,@ARGV;
40 $logprefix='[' . scalar localtime . '] ' . $prog;
46 # Get the password name
50 # check for valid characters
51 if (!validchars($user, $mychars) || !validchars($pass, $mychars)) {
52 print STDERR "$logprefix: invalid characters used in login/password - Rejected\n";
56 # check for password in mysql database
58 my $dbh = DBI->connect("DBI:mysql:database=$dbname:host=$dbhost:port=$dbport",$dbuser,$dbpw,{PrintError=>0});
61 print STDERR "$logprefix: could not connect to database - Rejected\n";
65 my $dbq = $dbh->prepare("select username as username, password as password from users where username=?;");
66 $dbq->bind_param(1, $user);
69 my $row = $dbq->fetchrow_hashref();
71 if ($row->{username} eq "") {
72 print STDERR "$logprefix: could not find user $user - Rejected\n";
75 if ($row->{password} eq "") {
76 print STDERR "$logprefix: empty password for user $user - Rejected\n";
80 if ($row->{password} eq crypt($pass,substr($row->{password},0,2))) {
81 print STDERR "$logprefix: password for user $user matches - Accepted\n";
84 print STDERR "$logprefix: password for user $user does not match - Rejected\n";