How to modify Linux or Unix passwords using PHP

Required tools and installation:

You must install the following tools and software:

-Shell script for password modification;

-Sudo access;

-Apache or Lighttpd web server;

-PHP server program.

Step 1: Install a shell script that can change the User Password

This script can be used to modify the password of a Linux User (tested in Linux and FreeBSD ).

Example: shell script code

#! /Bin/sh # \ exec expect CT-f "$0" ${1 + "$ @"} set password [lindex $ argv 1] spawn passwd [lindex $ argv 0] sleep 1 CT "assword: "send" $ password \ r "your CT" assword: "send" $ password \ r "your CT eof to run the shell script (download link ):

$ Chpasswd username password download the script and copy it to your web root directory or other locations on the web server (readable ):

$ Cp chpasswd/var/www/or, if you use the Lighttpd web Server:

$ Cp chpasswd/home/lighttpd Step 2: run the command as root through sudo

The Apache or Lighttpd web server immediately uses non-root permissions after it enters the background for running. This prevents password modification, just as the passwd command requires the root permission to modify the passwords of other user accounts.

Generally, Apache 2 uses www-data users and Lighttpd uses lighttpd users (both common and non-root users ). Log on as the root user and run the following command:

# Mongodo now your web server allows you to execute a chpasswd script ). If you use the Apache web server, run the following command:

Www-data ALL = NOPASSWD:/var/www/chpasswd or, if you use the Lighttpd web server, run the following command:

Httpd ALL = NOPASSWD:/home/lighttpd/chpasswd save and exit the file.

Step 3. Create a PHP-based interface

Now you need to write a php script. There is a php script instance. You can modify it as needed. At least you need to correctly set the shell script location. Open the php script and find the shellscript line:

$ Shellscript = "sudo/home/lighttpd/chpasswd"; Modify shellscript to the correct position. Download the PHP source code from here:

Step 4: run the script

Enter the address in the address bar of your web browser. You will see the username and password prompt:

If the password is successfully modified, you will receive a confirmation prompt:

For some reason, if the password modification fails, you can refer to the following prompt for more detailed error information:

Step 5: Security

◆ Never run the above script directly through the http protocol. Instead, use the https protocol.

◆ Put the script in a password-protected directory.

◆ Never trust users' input. The above php script is just an example. In a real production environment, you need to consider using more powerful user input validation. The security of PHP programming is beyond the scope of this article. You can refer to a good PHP book or use your favorite search engine to search for related websites.