amresmat

thanks again , one last thing sorry the javascript does not work, i tried to modify some things but it still does not work.

Thanks Psycho for your help both mothods you presented solved the dollar sign problem. i tried your modified code, the problem with it is that username and password appear on the url after pressing submit button.

thanks that worked and solved the problem, as i said i don't know php i know python that is why i used python script, if you can tell me how to use this php to hash password with sha512 plus salt linux style and save the username and hash in a file that would be great all i want from this scrips and the users is just the hash and it won't be used for changing linux password , no user will change password or something serious also the server containing this script does not contain anything important, also nobody will have access to this hashing script form before my acknowledge. i did get that code from the link that expalin how to use it to change linux password, but all i want is the php part, i put my own script for my purpose i don't need it to change linux password "If you need help - then ask" i did ask for help and i really appreciate your helo hope these answered your questions, i'm going to read your last reply thanks again

i know anybody can try to execute something since the php code is used to execute shell script, like for example adding semicolon then add a script or command but dun't worry this won't be used for public accessibilty at all, it is just private for other purposes, no risk at all i'm not that stupid

thanks for your reply, yes if the password is surrounded by single quotes it will be taken as it is, if a user entered the password between single quotes it will work fine with no mistakes but it would be wierd to ask users to write their passwords surrounded by single quotes, i think yes it is python problem with dollar sign not php that why i want php to enclose the password in single quotes then pass it to the python script I know i can hash and do all stuff with php, but i know python, i don't know php that's why i did this with python.

Hello I have a PHP script which take the username and password, send it to python script to hash it i didn't write the php script i found it on the internet, i'm novice in php the php script is a simple form so users can insert their username and passsword, php took these inputs from the form and send it to the pythin script. my problem is with when the password contain $$ or in general $ it get translated to random number when sent to the script for example PA$$W0RD will be PA2356W0RD, if in the password field i surrounded password with single quotes the password got passed to python script as it is, so how to make php script take the dollar sign as it is without converting to number, or how to make the php script surrounds the password with single quotes when passing it to the python script. PHP Code <?php /////////////////////////////////////////////////////////////// // PHP script to change Linux password // SEE following URL mor more info: // http://www.cyberciti.biz/tips/change-linux-or-unix-system-password-using-php-script.html // Written by nixCraft <http://www.cyberciti.biz/> // Distributed under GNU/GPL v2.0+ /////////////////////////////////////////////////////////////// // change .. me! - shell script name $shellscript = "python /home/rconfig/www/test1.py"; // Make sure form is submitted by user if(!(isset($_POST['pwdchange']))) { // if not display them form writeHead("Hash password"); writeForm(); writeFoot(); } else { // try to change the password $callshell=true; // get username and password $_POST['username'] = stripslashes(trim($_POST['username'])); $_POST['passwd'] = stripslashes(trim($_POST['passwd'])); // if user skip our javascript ... // make sure we can only change password if we have both username and password if(empty($_POST['username'])) { $callshell=false; } if(empty($_POST['passwd'])) { $callshell=false; } if ( $callshell == true ) { // command to change password $cmd="$shellscript " . $_POST['username'] . " " . $_POST['passwd']; // call command // $cmd - command, $output - output of $cmd, $status - useful to find if command failed or not exec($cmd,$output,$status); if ( $status == 0 ) { // Success - password Hash writeHead("Password Hashed"); echo '<h3>Password Hashed</h3>Setup a <a href='. $_SERVER['PHP_SELF'] . '>new password</a>'; writeFoot(); } else { // Password failed writeHead("Password hashing failed"); echo '<h3>Password hashing failed</h3>'; echo '<p>System returned following information:</p><pre>'; print_r($output); echo '</pre>'; echo '<p><em> Please try again, if the the propblem still exist contact the concerned team for more info <a href='.$_SERVER['PHP_SELF'].'again</a></em></p>'; writeFoot(); } } else { writeHead("Something was wrong -- Please try again"); echo 'Error - Please enter username and password'; writeForm(); writeFoot(); } } // display html head function writeHead($title) { echo ' <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title> ' .$title. '</title> <style type="text/css" media="screen"> .passwdform { position: static; overflow: hidden; } .passwdleft { width: 25%; text-align: right; clear: both; float: left; display: inline; padding: 4px; margin: 5px 0; } .passwdright { width: 70%; text-align: left; float: right; display: inline; padding: 4px; margin: 5px 0; } .passwderror { border: 1px solid #ff0000; } .passwdsubmit { } </style> </head> <body>'; } // display html form function writeForm() { echo ' <h3>Use following form to change password:</h3> <script> function checkForm() { if (document.forms.changepassword.elements[\'username\'].value.length == 0) { alert(\'Please enter a value for the "User name" field\'); return false; } if (document.forms.changepassword.elements[\'passwd\'].value.length == 0) { alert(\'Please enter a value for the "Password" field\'); return false; } return true; } </script> <div class="contactform"> <form action="' . $_SERVER[PHP_SELF]. '" method="post" onSubmit="return checkForm()" name="changepassword"> <div class="passwdleft"><label for="lblusername">User Name: </label></div> <div class="passwdright"><input type="text" name="username" id="lblusername" size="30" maxlength="50" value="" /> (required)</div> <div class="passwdleft"><label for="lblpasswd">Password: </label></div> <div class="passwdright"><input type="password" name="passwd" id="lblpasswd" size="30" maxlength="50" value="" /> (required)</div> <div class="passwdright"><input type="submit" name="Submit" value="Change password" id="passwdsubmit" /> <input type="hidden" name="pwdchange" value="process" /></div> </form> </div> '; } // display footer function writeFoot(){ echo '</body> </html> '; } ?> i can post the python script if needed. Thanks