Shelly wrote:

> I am a bit of a beginner at this so please help and be patient.
>
> Goal:
> I want the create an account in qmail. What I want to do is ask the user
> for information and after some verification I want to automatically create
> that account for him. Now I have tracked down some things. The vpopmail
> database is in mysql and it holds his information related to the mail
> account.
> -- Side questions before I forget: The unencrypted password is
> there as well as an encrypted form.
> -- Is the unencrypted one necessary?
> -- How is it encrpted? It is not md5 (I use php) because
> the results are different.
>
> So far:
> I have tracked down the html files. They are in
> /var/www/cgi-bin/vqadmin/html. There appears to be a key one named
> add_user.html. It has in it:
> <form action="/cgi-bin/vqadmin/vqadmin.cgi" method="post" name="form1"
> id="form1">
> and then has:
> <table border="0" cellspacing="2" cellpadding="2">
> <tr><td class="clsLabelR">#-020</td>
> <td><INPUT TYPE="TEXT" NAME="eaddr" SIZE="30" VALUE="$-UA"></td></tr>
> <tr><td class="clsLabelR">#-021</td>
> <td><INPUT TYPE="TEXT" NAME="cpass" SIZE="30" VALUE="$-UO"></td></tr>
> <tr><td class="clsLabelR">#-039</td>
> <td><INPUT TYPE="TEXT" NAME="quota" SIZE="30" VALUE="$-UQ"></td></tr>
> <tr><td class="clsLabelR">#-022</td>
> <td><INPUT TYPE="TEXT" NAME="fname" SIZE="30" VALUE="$-UN"></td></tr>
> <tr><td class="clsLabel">#-040</td> </tr>
> </table>
>
> Assuming that this is the html file that actually gets sent to create the
> account, what I want to do is from a different php file send to
> /cgi-bin/vqadmin/vqadmin.cgi the information in a manner that it thinks it
> is coming from this form. I want to do that without any user interaction.
> So:
> -- Is this the right one?
> -- How do I do that?
> -- What are those #-020 and things?
>
> Thanks for any help.
>
> Shelly (Sheldon)
>
>


As far as the importance/necessity of the unencrypted password, the
answer depends on your setup. If your mail setup has capability of smtp
authentication or pop before smtp, it might be necessary for those
processies to access the clear text password.

If the encrypted password is of 13 characters long it is encrypted using
crypt.

The password could also be encrypted using the mysql PASSWORD command.

If you are using PHP I do not see a reason why you would need to
resubmit the data to a different script. Why not insert the data into a
temporary location until such time as the data provided on the form has
been verified or the account approved.

You of course could open a connection from within a php process and
provide the requisite information to the cgi script you mentioned.
I.e. post to /cgi-bin/vqadmin/vqadmin.cgi with the requisite paramaters.
You might have to handle authentication if that is setup to prevent
anyone from accessing that form and creating users as they see fit.

AK