tazpanel rev 260
installer.cgi: hide and check passwords
| author | Dominique Corbex <domcox@slitaz.org> |
|---|---|
| date | Sat Mar 03 12:14:00 2012 +0100 (2012-03-03) |
| parents | 2091e38d34c4 |
| children | 9bcc77055db5 |
| files | installer.cgi |
line diff
1.1 --- a/installer.cgi Fri Mar 02 20:05:01 2012 +0100 1.2 +++ b/installer.cgi Sat Mar 03 12:14:00 2012 +0100 1.3 @@ -223,15 +223,13 @@ 1.4 cat <<EOT 1.5 <a name="source"></a> 1.6 <h4>$(gettext "Source")</h4> 1.7 - <table> 1.8 - <tr> 1.9 - <td><input type="radio" name="INST_TYPE" value="cdrom" $([ "$INST_TYPE" == "cdrom" ] && echo "checked") id="cdrom" /> 1.10 - <label for="cdrom">$(gettext "LiveCD")</td></label> 1.11 - </tr> 1.12 - <tr> 1.13 - <td><input type="radio" name="INST_TYPE" value="usb" $([ "$INST_TYPE" == "usb" ] && echo "checked") id="usb" /> 1.14 - <label for="usb">$(gettext "LiveUSB"): 1.15 - <select name="SRC_USB"> 1.16 +<div class="box"> 1.17 +<input type="radio" name="INST_TYPE" value="cdrom" $([ "$INST_TYPE" == "cdrom" ] && echo "checked") id="cdrom" /> 1.18 +<label for="cdrom">$(gettext "LiveCD")</td></label> 1.19 +<br /> 1.20 +<input type="radio" name="INST_TYPE" value="usb" $([ "$INST_TYPE" == "usb" ] && echo "checked") id="usb" /> 1.21 +<label for="usb">$(gettext "LiveUSB"): 1.22 +<select name="SRC_USB"> 1.23 EOT 1.24 # List disks if plugged USB device 1.25 usb=0 1.26 @@ -252,37 +250,32 @@ 1.27 echo "<option value="">$(gettext "Not found")</option>" 1.28 fi 1.29 cat << EOT 1.30 - </select></label> 1.31 - </td> 1.32 - </tr> 1.33 - <tr> 1.34 - <td><input type="radio" name="INST_TYPE" value="iso" $([ "$INST_TYPE" == "iso" ] && echo "checked") id="iso" /> 1.35 - <label for="iso">$(gettext "ISO file"):</label> 1.36 - <input type="url" size="50" name="SRC_ISO" $([ "$INST_TYPE" == "iso" ] && echo -e "value=\"$SRC_FILE\"") placeholder="$(gettext "Full path to the ISO image file")" /> 1.37 - </td> 1.38 - </tr> 1.39 - <tr> 1.40 - <td><input type="radio" name="INST_TYPE" value="web" $([ "$INST_TYPE" == "web" ] && echo "checked") id="web" /> 1.41 - <label for="web">$(gettext "Web"): 1.42 - <a class="button" onclick="document.forms['ConfigForm'].url.value = '$(tazinst showurl stable)'; return true;">$(gettext "Stable")</a> 1.43 - <a class="button" onclick="document.forms['ConfigForm'].url.value = '$(tazinst showurl cooking)'; return true;">$(gettext "Cooking")</a> 1.44 - $(gettext "URL:") 1.45 - <input id="url" type="url" size="55" name="SRC_WEB" value="$get_SRC_WEB" placeholder="$(gettext "Full url to an ISO image file")" /></td> 1.46 - </label> 1.47 - </tr> 1.48 - </table> 1.49 +</select> 1.50 +</label> 1.51 +<br /> 1.52 +<input type="radio" name="INST_TYPE" value="iso" $([ "$INST_TYPE" == "iso" ] && echo "checked") id="iso" /> 1.53 +<label for="iso">$(gettext "ISO file"):</label> 1.54 +<input type="url" size="50" name="SRC_ISO" $([ "$INST_TYPE" == "iso" ] && echo -e "value=\"$SRC_FILE\"") placeholder="$(gettext "Full path to the ISO image file")" /> 1.55 +<br /> 1.56 +<input type="radio" name="INST_TYPE" value="web" $([ "$INST_TYPE" == "web" ] && echo "checked") id="web" /> 1.57 +<label for="web">$(gettext "Web"): 1.58 +<a class="button" onclick="document.forms['ConfigForm'].url.value = '$(tazinst showurl stable)'; return true;">$(gettext "Stable")</a> 1.59 +<a class="button" onclick="document.forms['ConfigForm'].url.value = '$(tazinst showurl cooking)'; return true;">$(gettext "Cooking")</a> 1.60 +$(gettext "URL:") 1.61 +<input id="url" type="url" size="55" name="SRC_WEB" value="$get_SRC_WEB" placeholder="$(gettext "Full url to an ISO image file")" /> 1.62 +</label> 1.63 +</div> 1.64 EOT 1.65 } 1.66 1.67 select_partition() 1.68 { 1.69 -cat <<EOT 1.70 + cat <<EOT 1.71 <a name="partition"></a> 1.72 <h4></span>$(gettext "Main Partition")</h4> 1.73 -<table> 1.74 -<tr><td> 1.75 - $(gettext "Partition to use:") 1.76 - <select name="TGT_PARTITION"> 1.77 +<div class="box"> 1.78 +$(gettext "Partition to use:") 1.79 +<select name="TGT_PARTITION"> 1.80 EOT 1.81 # List partitions 1.82 if fdisk -l | grep -q ^/dev/ ; then 1.83 @@ -294,11 +287,11 @@ 1.84 echo "<option value="">$(gettext "Not found")</option>" 1.85 fi 1.86 cat << EOT 1.87 - </select> 1.88 - <br /> 1.89 - <input type="checkbox" name="MAIN_FMT" value="yes" $([ -n "$TGT_FS" ] && echo "checked") id="mainfs" /> 1.90 - <label for="mainfs">$(gettext "Format partition as"):</label> 1.91 - <select name="MAIN_FS"> 1.92 +</select> 1.93 +<br /> 1.94 +<input type="checkbox" name="MAIN_FMT" value="yes" $([ -n "$TGT_FS" ] && echo "checked") id="mainfs" /> 1.95 +<label for="mainfs">$(gettext "Format partition as"):</label> 1.96 +<select name="MAIN_FS"> 1.97 EOT 1.98 scan_mkfs 1.99 for i in $FS 1.100 @@ -307,20 +300,18 @@ 1.101 done 1.102 cat <<EOT 1.103 </select> 1.104 -</td></tr> 1.105 -</table> 1.106 +</div> 1.107 EOT 1.108 } 1.109 1.110 select_old_slitaz() 1.111 { 1.112 -cat <<EOT 1.113 + cat <<EOT 1.114 <a name="partition"></a> 1.115 <h4></span>$(gettext "Existing SliTaz Partition")</h4> 1.116 -<table> 1.117 -<tr><td> 1.118 - $(gettext "Partition in use:") 1.119 - <select name="TGT_PARTITION"> 1.120 +<div class="box"> 1.121 +$(gettext "Partition in use:") 1.122 +<select name="TGT_PARTITION"> 1.123 EOT 1.124 # List partitions 1.125 if fdisk -l | grep -q ^/dev/ ; then 1.126 @@ -333,8 +324,7 @@ 1.127 fi 1.128 cat <<EOT 1.129 </select> 1.130 -</td></tr> 1.131 -</table> 1.132 +</div> 1.133 EOT 1.134 } 1.135 1.136 @@ -344,8 +334,8 @@ 1.137 <a name="home"></a> 1.138 <h4>$(gettext "Home partition")</h4> 1.139 <input type="checkbox" name="HOME_SELECT" value="yes" $([ -n "$TGT_HOME" ] && echo "checked") id="homepart" /> 1.140 - <label for="homepart">$(gettext "Use a separate partition for /home:")</label> 1.141 - <select name="TGT_HOME"> 1.142 +<label for="homepart">$(gettext "Use a separate partition for /home:")</label> 1.143 +<select name="TGT_HOME"> 1.144 EOT 1.145 # List disk if plugged USB device 1.146 if fdisk -l | grep -q ^/dev/ ; then 1.147 @@ -357,11 +347,11 @@ 1.148 echo "<option value="">$(gettext "Not found")</option>" 1.149 fi 1.150 cat <<EOT 1.151 - </select> 1.152 +</select> 1.153 1.154 - <input type="checkbox" name="HOME_FMT" value="yes" $([ -n "$TGT_HOME_FS" ] && echo "checked") id="homefs" /> 1.155 - <label for="homefs">$(gettext "Format partition as:")</label> 1.156 - <select name="HOME_FS">" 1.157 +<input type="checkbox" name="HOME_FMT" value="yes" $([ -n "$TGT_HOME_FS" ] && echo "checked") id="homefs" /> 1.158 +<label for="homefs">$(gettext "Format partition as:")</label> 1.159 +<select name="HOME_FS">" 1.160 EOT 1.161 for i in $FS 1.162 do 1.163 @@ -373,32 +363,167 @@ 1.164 select_hostname() 1.165 { 1.166 cat << EOT 1.167 +<script type="text/javascript"> 1.168 + function checkHostname(){ 1.169 + var host = document.getElementById('h1'); 1.170 + var msg = document.getElementById('hostAlert'); 1.171 + var enoughRegex = new RegExp("(?=.{3,}).*", "g"); 1.172 + var incharRegex = new RegExp("^[A-Za-z0-9_]{3,20}$"); 1.173 + if (false == enoughRegex.test(host.value)) { 1.174 + msg.style.color = "tomato"; 1.175 + msg.innerHTML ="✖ Too short"; 1.176 + return false; 1.177 + } else if (false == incharRegex.test(host.value)) { 1.178 + msg.style.color = "tomato"; 1.179 + msg.innerHTML ="✖ Invalid chars"; 1.180 + return false; 1.181 + } else { 1.182 + msg.style.color = "limegreen"; 1.183 + msg.innerHTML = "✔"; 1.184 + } 1.185 + } 1.186 +</script> 1.187 <a name="hostname"></a> 1.188 <h4>$(gettext "Host")</h4> 1.189 $(gettext "Hostname:") 1.190 -<input type="text" name="TGT_HOSTNAME" value="$TGT_HOSTNAME" placeholder="$(gettext "Name of your system")" /> 1.191 +<input type="text" id="h1" name="TGT_HOSTNAME" value="$TGT_HOSTNAME" placeholder="$(gettext "Name of your system")" onkeyup="checkHostname(); return false;" /> 1.192 +<span id="hostAlert"></span> 1.193 EOT 1.194 } 1.195 1.196 select_root() 1.197 { 1.198 cat << EOT 1.199 +<script type="text/javascript"> 1.200 + function checkRootPwd(){ 1.201 + var pwd1 = document.getElementById('p1'); 1.202 + var pwd2 = document.getElementById('p2'); 1.203 + var msg = document.getElementById('rootPwdAlert'); 1.204 + if(pwd1.value == pwd2.value){ 1.205 + // passwords match. 1.206 + pwd2.style.backgroundColor = "white"; 1.207 + // various checks 1.208 + var enoughRegex = new RegExp("(?=.{4,}).*", "g"); 1.209 + var incharRegex = new RegExp("^[A-Za-z0-9!@#$%^&*()_]{4,20}$"); 1.210 + var strongRegex = new RegExp("^(?=.{8,})(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*\\W).*$", "g"); 1.211 + var mediumRegex = new RegExp("^(?=.{7,})(((?=.*[A-Z])(?=.*[a-z]))|((?=.*[A-Z])(?=.*[0-9]))|((?=.*[a-z])(?=.*[0-9]))).*$", "g"); 1.212 + if (pwd1.value.length==0) { 1.213 + msg.style.color = "tomato"; 1.214 + msg.innerHTML = "✖ Missing Password"; 1.215 + return false; 1.216 + } else if (false == enoughRegex.test(pwd1.value)) { 1.217 + msg.style.color = "tomato"; 1.218 + msg.innerHTML ="✖ Too short"; 1.219 + return false; 1.220 + } else if (false == incharRegex.test(pwd1.value)) { 1.221 + msg.style.color = "tomato"; 1.222 + msg.innerHTML ="✖ Invalid chars"; 1.223 + return false; 1.224 + } else if (strongRegex.test(pwd1.value)) { 1.225 + msg.style.color = "limegreen"; 1.226 + msg.innerHTML = "✔ Strong!"; 1.227 + } else if (mediumRegex.test(pwd1.value)) { 1.228 + msg.style.color = "limegreen"; 1.229 + msg.innerHTML = "✔ Medium!"; 1.230 + } else { 1.231 + msg.style.color = "orange"; 1.232 + msg.innerHTML = "✔ Weak"; 1.233 + } 1.234 + }else{ 1.235 + // passwords do not match. 1.236 + pwd2.style.backgroundColor = "lightsalmon"; 1.237 + msg.style.color = "tomato"; 1.238 + msg.innerHTML = "✖ Do Not Match!" 1.239 + return false; 1.240 + } 1.241 + } 1.242 +</script> 1.243 + 1.244 <a name="root"></a> 1.245 <h4>$(gettext "Root")</h4> 1.246 $(gettext "Root passwd:") 1.247 -<input type="text" name="TGT_ROOT_PWD" value="$TGT_ROOT_PWD" placeholder="$(gettext "Password of root")" /> 1.248 +<input type="password" id="p1" name="TGT_ROOT_PWD" value="$TGT_ROOT_PWD" placeholder="$(gettext "Password of root")" onkeyup="checkRootPwd(); return false;" /> 1.249 +$(gettext "Confirm password:") 1.250 +<input type="password" id="p2" value="$TGT_ROOT_PWD" placeholder="$(gettext "Password of root")" onkeyup="checkRootPwd(); return false;" /> 1.251 +<span id="rootPwdAlert"></span> 1.252 EOT 1.253 } 1.254 1.255 select_user() 1.256 { 1.257 cat << EOT 1.258 +<script type="text/javascript"> 1.259 + function checkUserLogin(){ 1.260 + var user = document.getElementById('u1'); 1.261 + var msg = document.getElementById('userLoginAlert'); 1.262 + var enoughRegex = new RegExp("(?=.{3,}).*", "g"); 1.263 + var incharRegex = new RegExp("^[A-Za-z0-9_]{3,20}$"); 1.264 + if (false == enoughRegex.test(user.value)) { 1.265 + msg.style.color = "tomato"; 1.266 + msg.innerHTML ="✖ Too short"; 1.267 + return false; 1.268 + } else if (false == incharRegex.test(user.value)) { 1.269 + msg.style.color = "tomato"; 1.270 + msg.innerHTML ="✖ Invalid chars"; 1.271 + return false; 1.272 + } else { 1.273 + msg.style.color = "limegreen"; 1.274 + msg.innerHTML = "✔"; 1.275 + } 1.276 + } 1.277 + function checkUserPwd(){ 1.278 + var pwd1 = document.getElementById('p3'); 1.279 + var pwd2 = document.getElementById('p4'); 1.280 + var msg = document.getElementById('userPwdAlert'); 1.281 + if(pwd1.value == pwd2.value){ 1.282 + // passwords match. 1.283 + pwd2.style.backgroundColor = "white"; 1.284 + // various checks 1.285 + var enoughRegex = new RegExp("(?=.{3,}).*", "g"); 1.286 + var incharRegex = new RegExp("^[A-Za-z0-9!@#$%^&*()_]{3,20}$"); 1.287 + var strongRegex = new RegExp("^(?=.{8,})(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*\\W).*$", "g"); 1.288 + var mediumRegex = new RegExp("^(?=.{7,})(((?=.*[A-Z])(?=.*[a-z]))|((?=.*[A-Z])(?=.*[0-9]))|((?=.*[a-z])(?=.*[0-9]))).*$", "g"); 1.289 + if (pwd1.value.length==0) { 1.290 + msg.style.color = "orange"; 1.291 + msg.innerHTML = "✔ No Password"; 1.292 + } else if (false == enoughRegex.test(pwd1.value)) { 1.293 + msg.style.color = "tomato"; 1.294 + msg.innerHTML ="✖ Too short"; 1.295 + return false; 1.296 + } else if (false == incharRegex.test(pwd1.value)) { 1.297 + msg.style.color = "tomato"; 1.298 + msg.innerHTML ="✖ Invalid chars"; 1.299 + return false; 1.300 + } else if (strongRegex.test(pwd1.value)) { 1.301 + msg.style.color = "limegreen"; 1.302 + msg.innerHTML = "✔ Strong!"; 1.303 + } else if (mediumRegex.test(pwd1.value)) { 1.304 + msg.style.color = "limegreen"; 1.305 + msg.innerHTML = "✔ Medium!"; 1.306 + } else { 1.307 + msg.style.color = "orange"; 1.308 + msg.innerHTML = "✔ Weak"; 1.309 + } 1.310 + }else{ 1.311 + // passwords do not match. 1.312 + pwd2.style.backgroundColor = "lightsalmon"; 1.313 + msg.style.color = "tomato"; 1.314 + msg.innerHTML = "✖ Do Not Match!" 1.315 + return false; 1.316 + } 1.317 + } 1.318 +</script> 1.319 <a name="user"></a> 1.320 <h4>$(gettext "User")</h4> 1.321 $(gettext "User login:") 1.322 -<input type="text" name="TGT_USER" value="$TGT_USER" placeholder="$(gettext "Name of the first user")" /> 1.323 +<input type="text" id="u1" name="TGT_USER" value="$TGT_USER" placeholder="$(gettext "Name of the first user")" onkeyup="checkUserLogin(); return false;" /> 1.324 +<span id="userLoginAlert"></span> 1.325 +<br /><br /> 1.326 $(gettext "User passwd:") 1.327 -<input type="text" name="TGT_USER_PWD" value="$TGT_USER_PWD" placeholder="$(gettext "Password of the first user")" /> 1.328 +<input type="password" id="p3" name="TGT_USER_PWD" value="$TGT_USER_PWD" placeholder="$(gettext "Password of the first user")" onkeyup="checkUserPwd(); return false;" /> 1.329 +$(gettext "Confirm password:") 1.330 +<input type="password" id="p4" value="$TGT_USER_PWD" placeholder="$(gettext "Password of the first user")" onkeyup="checkUserPwd(); return false;" /> 1.331 +<span id="userPwdAlert"></span> 1.332 EOT 1.333 } 1.334 1.335 @@ -435,10 +560,20 @@ 1.336 cat <<EOT 1.337 <script type="text/javascript"> 1.338 function SubmitForm() { 1.339 - var r=confirm("$(gettext "Do you really want to continue?")"); 1.340 - if (r==true) 1.341 - { 1.342 - document.ConfigForm.submit(); 1.343 + if (false == checkHostname()) { 1.344 + alert("Hostname error"); 1.345 + } else if (false == checkRootPwd()) { 1.346 + alert("Root password error"); 1.347 + } else if (false == checkUserLogin()) { 1.348 + alert("User login error"); 1.349 + } else if (false == checkUserPwd()) { 1.350 + alert("User password error"); 1.351 + } else { 1.352 + var r=confirm("$(gettext "Do you really want to continue?")"); 1.353 + if (r==true) 1.354 + { 1.355 + document.ConfigForm.submit(); 1.356 + } 1.357 } 1.358 } 1.359 </script>