useradm.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63

<?php
	if (!defined('STDIN')) {
		print "Please run this script via PHP CLI interpreter (php ./useradm.php).";
		exit;
	}

	require_once "config.php";
	require_once "db.php";

	$dbh = Db::get();

	$longopts = [ "add:", "del:", "list", "help" ];

	$options = getopt("", $longopts);

	if (count($options) == 0 || isset($options["help"])) {
		print "Manage Epube user database. Usage:
	--add USER:PASSWORD
	--del USER
	--list\n";
	}

	if (isset($options["del"])) {
		$user = SQLite3::escapeString($options["del"]);

		print "Deleting user $user...\n";
		$dbh->query("DELETE FROM epube_users WHERE user = '$user'");
	}

	if (isset($options["list"])) {
		$res = $dbh->query("SELECT id, user FROM epube_users ORDER BY user");

		while ($line = $res->fetchArray(SQLITE3_ASSOC)) {
			printf("%d. %s\n", $line["id"], $line["user"]);
		}

	}

	if (isset($options["add"])) {
		@list($user, $pass) = explode(":", $options["add"]);

		if (!$user || !$pass) {
			print "Not enough arguments.\n";
			exit;
		}

		$user = SQLite3::escapeString($user);
		$pass_hash = SQLite3::escapeString('SHA256:' . hash('sha256', "$user:$pass"));

		print "Adding user $user with password $pass...\n";

		$res = $dbh->query("SELECT user FROM epube_users WHERE user = '$user'");

		if ($line = $res->fetchArray(SQLITE3_ASSOC)) {
			print "User already exists.\n";
		} else {
			$dbh->query("INSERT INTO epube_users (user, pass)
					VALUES ('$user', '$pass_hash')");
		}

	}

?>