我正在托管一个带有登录Web界面的电子邮件服务器,但是我之前没有有效的方式向服务器注册用户以创建用户登录。因为这个原因,我创建了一个PHP系统来创建用户,并设置密码,但是已经创建了所述系统,我知道有一个重大的安全问题,因为服务器将执行创建用户的脚本,然后将更改所述用户密码。所以人们可以更改不同用户的密码。我现在创建了一个root安全防护,但我需要永久解决此问题以保护我的用户电子邮件。这里是php脚本和我用来创建和设置用户密码的shell脚本。Linux用户创建+ PHP和电子邮件
的index.php
$user=$_POST['user'];
$pass=$_POST['pass'];
$check=$_POST['check'];
if(isset($_POST['submit'])) {
if($user!="root"){
if($pass == $check) {
echo exec ("sudo /root/bin/newuser.sh ".$user." ".$pass."");
echo ("
User Created!Congratulation on the successful creation of your user!
Your login credentials are as follows:
Username: ".$user."
Password: " .$pass."
");} else {
echo "
Error creating account!Passwords did not match! Please this page!
";}
} else {
echo "Stahp plox!";
}
}
?>
Magnum Dongs Email Registration
Username will be created as [email protected], there is no need to add the @magnumdongs.com to the enter of the username you create.
Upon creation, you will be able to access your email through our Magnum Dongs Email Web Interface, however you will be unable to recieve email via Outlook or an open source alternative at this time.
Username :
Password :
Verify :
newuser.sh提前
#!/usr/bin/env bash
#echo "Enter username..."
#read user
#echo -e "Username :: $user \n Is this correct? [y,n]"
#read y
#if [[ $y == "y" ]]; then
# useradd -m $user
#else
# echo "Wrong username"
# exit
#fi
usr=$1
pass=$2
useradd -m -s /usr/bin/nologin $usr
echo "$usr:$pass" | chpasswd
感谢您的帮助