如何通过web安全添加系统用户

adduserfromdb.pl

#!/usr/bin/perl
use DBI;
$dbuser = "xxxx";
$dbpasswd = "xxx";
$db = "xxxx";

$dbh = DBI->connect("DBI:mysql:$db",$dbuser,$dbpasswd);
$query = "select user,passwd from usertable where addornot=0";
$sth = $dbh->prepare($query);
$rv = $sth->execute or die "Can't execute the query:$sth->errstr\n";
while(@row = $sth->fetchrow_array) {
#print "user=".$row[0]."\n";
#print "password=".$row[1]."\n";
@saltchars = (a .. z, A .. Z, 0 .. 9);
srand(time||$$);
$salt = $saltchars[rand($#saltchars)] . $saltchars[rand($#saltchars)];
#print "$salt\t$row[1]\n";
$encrypt_passwd = crypt($row[1],$salt);
#print $encrypt_passwd."\n";
$add_exec = "/usr/sbin/useradd -p ".$encrypt_passwd." ".$row[0];
#对useradd增加参数，可以控制用户的组别、目录、登陆与否、shell等等
#print $add_exec."\n";
system($add_exec);
}
#1;

用户信息表
usertable:

CREATE TABLE usertoadd (
user tinytext NOT NULL,
passwd tinytext NOT NULL,
addornot tinyint(4) DEFAULT '0' NOT NULL
);