#!/usr/bin/perl -T -w # $Id: example-web-admin,v 1.3 2003/10/25 12:23:13 suter Exp $ # # Copyright (c) 2003 Mark Suter # This program is free software; you can redistribute it # and/or modify it under the same terms as Perl itself. # # [MJS 8 Mar 2003] Initial version. use strict; use CGI qw( -nosticky ); use HTML::Entities; my %commands = ( "uptime" => { label => "System Uptime", exec => [ "/usr/bin/uptime" ] }, "uname" => { label => "System Uname", exec => [ "/bin/uname", "-a" ] }, ); my $q = new CGI; print $q->header, $q->start_html(-title => "Example Admin Script", -style => {'src' => '/style.css'}, -author => 'suter@humbug.org.au'), $q->h1("Example Admin Script"); if ($q->param()) { eval { my $action = $q->param('action') or die "action\n"; defined($commands{$action}) or die "unexpected\n"; if (open(CHILD, "-|")) { print "
\n";
	    print "\$ ", encode_entities join " ", @{$commands{$action}{exec}}, "\n";
	    while () {
	        print encode_entities $_;
	    }
	    close(CHILD);
	    print "\n
\n"; ## Only a zero exit status indicates success $? == 0 or die "failure\n"; } else { open STDERR, '>&STDOUT' or die "dup: $!\n"; exec { $commands{$action}{exec}->[0] } @{$commands{$action}{exec}} or die "exec: $!\n"; } }; $@ and print $q->p({class=>"alert"}, "There was a problem: $@"); print $q->end_html, "\n\n"; } else { my %labels = map { $_, $commands{$_}{label} } keys %commands; print $q->p("This is a example admin script with the following properties."), $q->ul( $q->li([ "Commands to execute are pre-determined.", "The commands are executed safely via explicit pipe.", "Authentication is left to the reader (too many different ways).", "The source code is available." ]) ), $q->start_form(-method => "GET"), $q->radio_group(-name=>'action', -values => [ keys %commands ], -linebreak => 'true', -labels => \%labels), $q->submit(), $q->endform(), $q->end_html, "\n\n"; }