diff --git a/app.py b/app.py index f77300a..b327ebb 100644 --- a/app.py +++ b/app.py @@ -11,10 +11,14 @@ def is_valid_input(input_string): app = Flask(__name__) def create_email_account(username, password): - if is_valid_input(password) and is_valid_input(username): + if password and is_valid_input(username): try: + + with open("password.tmp", "w") as file: + file.write(password) + # Use echo to securely pass the password to the command - cmd = ["echo", password, "|", "doas", "-u", "maddy", "maddy", "creds", "create", f"{username}@hectabit.org"] + cmd = ["cat", "password.tmp", "|", "doas", "-u", "maddy", "maddy", "creds", "create", f"{username}@hectabit.org"] result = subprocess.run(" ".join(cmd), shell=True, check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) cmd2 = ["doas", "-u", "maddy", "maddy", "imap-acct", "create", f"{username}@hectabit.org"] @@ -45,7 +49,7 @@ def register(): username = request.form.get('username') password = request.form.get('password') - if not is_valid_input(password) or not is_valid_input(username): + if not is_valid_input(username): return render_template('num.html'), 400 if create_email_account(username, password): diff --git a/public/cta/index.html b/public/cta/index.html old mode 100644 new mode 100755 diff --git a/public/cta/political.mov b/public/cta/political.mov old mode 100644 new mode 100755 diff --git a/public/index.html b/public/index.html old mode 100644 new mode 100755 diff --git a/public/static/css/main.css b/public/static/css/main.css old mode 100644 new mode 100755 diff --git a/templates/num.html b/templates/num.html index fd5c3e0..929ed8d 100644 --- a/templates/num.html +++ b/templates/num.html @@ -11,7 +11,7 @@

Error!

- You can only have Alphanumerical characters and periods in your username / password. + You can only have Alphanumerical characters and periods in your username!