--- loncom/interface/createaccount.pm 2012/05/01 16:09:26 1.40.2.5.2.17 +++ loncom/interface/createaccount.pm 2010/08/22 19:28:28 1.41 @@ -3,7 +3,7 @@ # institutional log-in ID (institutional authentication required - localauth # or kerberos) or an e-mail address. # -# $Id: createaccount.pm,v 1.40.2.5.2.17 2012/05/01 16:09:26 raeburn Exp $ +# $Id: createaccount.pm,v 1.41 2010/08/22 19:28:28 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -39,7 +39,7 @@ use Apache::lonhtmlcommon; use Apache::lonlocal; use Apache::lonauth; use Apache::resetpw; -use Captcha::reCAPTCHA; +use Authen::Captcha; use DynaLoader; # for Crypt::DES version use Crypt::DES; use LONCAPA qw(:DEFAULT :match); @@ -57,8 +57,6 @@ sub handler { my $sso_username = $r->subprocess_env->get('REDIRECT_SSOUserUnknown'); my $sso_domain = $r->subprocess_env->get('REDIRECT_SSOUserDomain'); - my $privkey = $r->dir_config('reCAPTCHA_PRIVATE'); - my $pubkey = $r->dir_config('reCAPTCHA_PUBLIC'); &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token','courseid']); &Apache::lonacc::get_posted_cgi($r); @@ -102,10 +100,6 @@ sub handler { my ($js,$courseid,$title); if (defined($env{'form.courseid'})) { $courseid = &validate_course($env{'form.courseid'}); - if (($courseid eq 'relate_3H121116c19344ff3relatel1') || - ($courseid eq 'relate_3e100973b27484f2drelatel1')) { - $courseid = 'relate_2764113e81b9e4f0crelatel1'; - } } if ($courseid ne '') { $js = &catreturn_js(); @@ -134,8 +128,7 @@ sub handler { return OK; } else { $start_page = - &Apache::loncommon::start_page($title,$js, - {'no_inline_link' => 1,}); + &Apache::loncommon::start_page($title,$js); &print_header($r,$start_page,$courseid); $r->print($output); &print_footer($r); @@ -143,8 +136,8 @@ sub handler { } } $start_page = - &Apache::loncommon::start_page($title,$js, - {'no_inline_link' => 1,}); + &Apache::loncommon::start_page($title,$js); + my %domconfig = &Apache::lonnet::get_dom('configuration',['usercreation'],$domain); my ($cancreate,$statustocreate) = &get_creation_controls($domain,$domconfig{'usercreation'}); @@ -152,7 +145,7 @@ sub handler { &print_header($r,$start_page,$courseid); my $output = '

'.&mt('Account creation unavailable').'

'. ''. - &mt('Creation of a new user account using an e-mail address or an institutional log-in ID as username is not permitted for [_1].',$domdesc).'

'; + &mt('Creation of a new user account using an e-mail address or an institutional log-in ID as username is not permitted at this institution ([_1]).',$domdesc).'

'; $r->print($output); &print_footer($r); return OK; @@ -231,7 +224,7 @@ sub handler { $output = &process_email_request($env{'form.useremail'},$domain,$domdesc, $contact_name,$contact_email,$cancreate, $lonhost,$domconfig{'usercreation'}, - $courseid,$privkey); + $courseid); } elsif (!$token) { &print_header($r,$start_page,$courseid); my $now=time; @@ -244,22 +237,13 @@ sub handler { $r->print(&javascript_validmail()); } $output = &print_username_form($domain,$domdesc,$cancreate,$now,$lonhost, - $courseid,$pubkey); + $courseid); } $r->print($output); &print_footer($r); return OK; } -sub get_custom_name { - my ($domain) = @_; - if ($domain eq 'relate') { - return 'Mechanics Online'; - } else { - return lc($domain); - } -} - sub print_header { my ($r,$start_page,$courseid) = @_; $r->print($start_page); @@ -300,7 +284,7 @@ sub selfenroll_crumbs { } my $last_crumb; if ($desc ne '') { - $last_crumb = &mt('Self-enroll in [_1]',"$desc"); + $last_crumb = &mt('Self-enroll in [_1]',''.$desc.''); } else { $last_crumb = &mt('Self-enroll'); } @@ -388,13 +372,6 @@ function validate_email() { if (validmail(field) == false) { alert("$lt{'email'}: "+field.value+" $lt{'notv'}."); return false; - } else { - var emailaddr = field.value; - var lcemail = emailaddr.toLowerCase(); - if (emailaddr != lcemail) { - field.value = lcemail; - alert("Mechanics Online usernames are all lower case.\\nAccordingly your username will be "+lcemail+" once activated."); - } } return true; } @@ -404,54 +381,36 @@ ENDSCRIPT } sub print_username_form { - my ($domain,$domdesc,$cancreate,$now,$lonhost,$courseid,$pubkey) = @_; - my %lt = &Apache::lonlocal::texthash ( - unam => 'username', - udom => 'domain', - uemail => 'E-mail address in LON-CAPA', - proc => 'Proceed', - crea => 'Create account with a username provided by this institution', - crlc => 'Create LON-CAPA account', - type => 'Type in your log-in ID and password to find out.', - plse => 'Please enter a valid e-mail address below.', - inst => 'Instructions on how to activate your account will be sent to the e-mail address you provide.', - aftr => 'After completing the activation process you will be directed to the course.', - ther => 'There you will have access to a "self test" that will help you assess your readiness for the course.', - ywil => 'You will also have access to introductory material and to the course schedule and policies.', - yous => 'Your user id for the course is your email address.', - ); + my ($domain,$domdesc,$cancreate,$now,$lonhost,$courseid) = @_; + my %lt = &Apache::lonlocal::texthash( + unam => 'username', + udom => 'domain', + uemail => 'E-mail address in LON-CAPA', + proc => 'Proceed'); my $output; if (ref($cancreate) eq 'ARRAY') { if (grep(/^login$/,@{$cancreate})) { my %domdefaults = &Apache::lonnet::get_domain_defaults($domain); if ((($domdefaults{'auth_def'} =~/^krb/) && ($domdefaults{'auth_arg_def'} ne '')) || ($domdefaults{'auth_def'} eq 'localauth')) { - $output = '

'.$lt{'crea'}.'

'; - my $submit_text = $lt{'crlc'}; - $output .= &mt('If you already have a log-in ID at this institution,[_1] you may be able to use it for LON-CAPA.','
'). - '

'.$lt{'type'}.'

'; + $output = '

'.&mt('Create account with a username provided by this institution').'

'; + my $submit_text = &mt('Create LON-CAPA account'); + $output .= &mt('If you already have a log-in ID at this institution,[_1] you may be able to use it for LON-CAPA.','
').'

'.&mt('Type in your log-in ID and password to find out.').'

'; $output .= &login_box($now,$lonhost,$courseid,$submit_text, $domain,'createaccount').'
'; } } if (grep(/^email$/,@{$cancreate})) { - $output .= '

'.&mt('Create account with an e-mail address as your username').'

'. - '

'. - &mt('You are about to sign-up for the [_1]Mechanics Online[_2] course.','','').'
'. - $lt{'plse'}.'

'; - my $captchaform = &create_recaptcha($pubkey); + $output .= '

'.&mt('Create account with an e-mail address as your username').'

'; + my $captchaform = &create_captcha(); if ($captchaform) { - my $submit_text = &mt('Sign-up'); + my $submit_text = &mt('Request LON-CAPA account'); my $emailform = ''; if (grep(/^login$/,@{$cancreate})) { - $output .= &mt('Provide your e-mail address to sign up for a Mechanics Online account [_1]if you do not have a log-in ID at your institution.','
').'

'; + $output .= &mt('Provide your e-mail address to request a LON-CAPA account,[_1] if you do not have a log-in ID at your institution.','
').'

'; } else { $output .= '
'; } - $output .= '
'. + $output .= ''. &Apache::lonhtmlcommon::start_pick_box()."\n". &Apache::lonhtmlcommon::row_title(&mt('E-mail address'), 'LC_pick_box_title')."\n". @@ -459,8 +418,7 @@ sub print_username_form { &Apache::lonhtmlcommon::row_closure(1). &Apache::lonhtmlcommon::row_title(&mt('Validation'), 'LC_pick_box_title')."\n". - $captchaform."\n". - &mt('If either word is hard to read, [_1] will replace them.','reCAPTCHA refresh').'

'; + $captchaform."\n".'

'; if ($courseid ne '') { $output .= ''."\n"; } @@ -506,8 +464,7 @@ sub login_box { $output = &serverform($logtoken,$lonhost,undef,$courseid,$context); my $unameform = ''; my $upassform = ''; - $output .= ''."\n". - ''. + $output .= ''."\n". &Apache::lonhtmlcommon::start_pick_box()."\n". &Apache::lonhtmlcommon::row_title($titles{$context}, 'LC_pick_box_title')."\n". @@ -515,8 +472,18 @@ sub login_box { &Apache::lonhtmlcommon::row_closure(1)."\n". &Apache::lonhtmlcommon::row_title(&mt('Password'), 'LC_pick_box_title')."\n". - $upassform. - &Apache::lonhtmlcommon::row_closure(1). + $upassform; + if ($context eq 'selfenroll') { + my $udomform = ''; + $output .= &Apache::lonhtmlcommon::row_closure(1)."\n". + &Apache::lonhtmlcommon::row_title(&mt('Domain'), + 'LC_pick_box_title')."\n". + $udomform."\n"; + } else { + $output .= ''; + } + $output .= &Apache::lonhtmlcommon::row_closure(1). &Apache::lonhtmlcommon::row_title(). '
'."\n"; @@ -536,8 +503,8 @@ sub login_box { sub process_email_request { my ($useremail,$domain,$domdesc,$contact_name,$contact_email,$cancreate, - $server,$settings,$courseid,$privkey) = @_; - $useremail = lc($env{'form.useremail'}); + $server,$settings,$courseid) = @_; + $useremail = $env{'form.useremail'}; my $output; if (ref($cancreate) eq 'ARRAY') { if (!grep(/^email$/,@{$cancreate})) { @@ -552,22 +519,26 @@ sub process_email_request { my $uhome = &Apache::lonnet::homeserver($useremail,$domain); if ($uhome ne 'no_host') { $output = &invalid_state('existinguser',$domdesc, - $contact_name,$contact_email,'',$useremail); + $contact_name,$contact_email); return $output; } else { - my $captcha = Captcha::reCAPTCHA->new; - my $captcha_result = - $captcha->check_answer( - $privkey, - $ENV{'REMOTE_ADDR'}, - $env{'form.recaptcha_challenge_field'}, - $env{'form.recaptcha_response_field'}, - ); - # PRIVATE key from https://www.google.com/recaptcha - if (!$captcha_result->{is_valid}) { + my $code = $env{'form.code'}; + my $md5sum = $env{'form.crypt'}; + my %captcha_params = &captcha_settings(); + my $captcha = Authen::Captcha->new( + output_folder => $captcha_params{'output_dir'}, + data_folder => $captcha_params{'db_dir'}, + ); + my $captcha_chk = $captcha->check_code($code,$md5sum); + my %captcha_hash = ( + 0 => 'Code not checked (file error)', + -1 => 'Failed: code expired', + -2 => 'Failed: invalid code (not in database)', + -3 => 'Failed: invalid code (code does not match crypt)', + ); + if ($captcha_chk != 1) { $output = &invalid_state('captcha',$domdesc,$contact_name, - $contact_email); - + $contact_email,$captcha_hash{$captcha_chk}); return $output; } my $uhome=&Apache::lonnet::homeserver($useremail,$domain); @@ -618,7 +589,7 @@ sub call_rulecheck { sub send_token { my ($domain,$email,$server,$domdesc,$contact_name,$contact_email,$courseid) = @_; my $msg = '

'.&mt('Account creation status').'

'. - &mt('Thank you for your request to create a new Mechanics Online account.'). + &mt('Thank you for your request to create a new LON-CAPA account.'). '

'; my $now = time; my %info = ('ip' => $ENV{'REMOTE_ADDR'}, @@ -629,28 +600,14 @@ sub send_token { my $token = &Apache::lonnet::tmpput(\%info,$server,'createaccount'); if ($token !~ /^error/ && $token ne 'no_such_host') { my $esc_token = &escape($token); - my $mailsubj = &mt('Your Mechanics Online Course Account'); - my $msgfrom = &mt('Mechanics Online Course Staff'); - my $mailmsg = &mt('Greetings.')."\n\n". - &mt('Thank you for your interest in our Online Mechanics Course.'). - ' '. - &mt('In order to complete the registration process, please open the following link in your web browser:'). - "\n\n". - &Apache::lonnet::absolute_url().'/adm/createaccount?token='.$esc_token. - "\n\n". - &mt('This link will take you to a sign-up page where you will be asked to provide some general information and finalize the registration process.'). - ' '. - &mt('A self-test (for review) is available within the course, for you to test your level of preparation.'). - "\n\n". - &mt('Best Regards,'). - "\n\n". - &mt('RELATE Group')."\n"; - - my $result = &Apache::resetpw::send_mail('MIT',$email,$mailmsg, - $msgfrom,$contact_email, - $mailsubj); + my $showtime = localtime(time); + my $mailmsg = &mt('A request was submitted on [_1] for creation of a LON-CAPA account at the following institution: [_2].',$showtime,$domdesc).' '. + &mt('To complete this process please open a web browser and enter the following URL in the address/location box: [_1]', + &Apache::lonnet::absolute_url().'/adm/createaccount?token='.$esc_token); + my $result = &Apache::resetpw::send_mail($domdesc,$email,$mailmsg,$contact_name, + $contact_email); if ($result eq 'ok') { - $msg .= &mt('A message has been sent to the e-mail address you provided.').'
'.&mt('The message includes the web address for the link you will use to complete the sign-up process.').'
'.&mt("The link included in the message will be valid for the next [_1]two[_2] hours.",'',''); + $msg .= &mt('A message has been sent to the e-mail address you provided.').'
'.&mt('The message includes the web address for the link you will use to complete the account creation process.').'
'.&mt("The link included in the message will be valid for the next [_1]two[_2] hours.",'',''); } else { $msg .= ''. &mt('An error occurred when sending a message to the e-mail address you provided.').'
'. @@ -686,7 +643,7 @@ sub process_mailtoken { if ($result eq 'ok') { $msg = $output; my $shownow = &Apache::lonlocal::locallocaltime($now); - my $mailmsg = &mt('A [_1] account has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; + my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'}, $mailmsg,$contact_name, $contact_email); @@ -697,7 +654,7 @@ sub process_mailtoken { } my %form = &start_session($r,$data{'username'},$domain, $lonhost,$data{'courseid'}, - $token,'new'); + $token); $nostart = 1; $noend = 1; } else { @@ -724,7 +681,7 @@ sub process_mailtoken { } sub start_session { - my ($r,$username,$domain,$lonhost,$courseid,$token,$usertype) = @_; + my ($r,$username,$domain,$lonhost,$courseid,$token) = @_; my %form = ( uname => $username, udom => $domain, @@ -735,9 +692,6 @@ sub start_session { if ($courseid ne '') { $form{'courseid'} = $courseid; $firsturl = '/adm/selfenroll?courseid='.$courseid; - if ($usertype) { - $firsturl .= '&usertype='.$usertype; - } } } if ($r->dir_config('lonBalancer') eq 'yes') { @@ -796,7 +750,7 @@ ENDSERVERFORM my $upasstwo = ''; my $submit_text = &mt('Create LON-CAPA account'); $output .= '

'.&mt('Login Data').'

'."\n". - ''."\n". &Apache::lonhtmlcommon::start_pick_box()."\n". &Apache::lonhtmlcommon::row_title(&mt('Username'), @@ -841,17 +795,6 @@ sub get_creation_controls { if (ref($usercreation->{'cancreate'}) eq 'HASH') { if (ref($usercreation->{'cancreate'}{'statustocreate'}) eq 'ARRAY') { @statustocreate = @{$usercreation->{'cancreate'}{'statustocreate'}}; - if (@statustocreate == 0) { - my ($othertitle,$usertypes,$types) = - &Apache::loncommon::sorted_inst_types($domain); - if (ref($types) eq 'ARRAY') { - if (@{$types} == 0) { - @statustocreate = ('default'); - } - } else { - @statustocreate = ('default'); - } - } } else { @statustocreate = ('default'); my ($othertitle,$usertypes,$types) = @@ -1030,7 +973,7 @@ sub username_check { } } if ($checkfail) { - $msg = '

'.&mt('Account creation unavailable').'

'; + $msg = '

'.&mt('Account creation unavailable').'

'; if ($checkfail eq 'username') { $msg .= ''. &mt('A LON-CAPA account may not be created with the username you use.'). @@ -1056,7 +999,7 @@ sub username_check { if ($rowcount) { if ($editable) { if ($courseid ne '') { - $msg = '

'.&mt('User information').'

'; + $msg = '

'.&mt('User information').'

'; } $msg .= &mt('To create one, use the table below to provide information about yourself, then click the [_1]Create LON-CAPA account[_2] button.','','').'
'; } else { @@ -1147,7 +1090,7 @@ sub username_activation { if ($result eq 'ok') { my $delete = &Apache::lonnet::tmpdel($env{'form.authtoken'}); $output = &mt('A LON-CAPA account has been created for username: [_1] in domain: [_2].',$username,$domain); - my %form = &start_session($r,$username,$domain,$lonhost,$courseid,undef,'new'); + my %form = &start_session($r,$username,$domain,$lonhost,$courseid); my $nostart = 1; return ('ok',$output,$nostart); } else { @@ -1190,57 +1133,72 @@ sub check_id { } sub invalid_state { - my ($error,$domdesc,$contact_name,$contact_email,$msgtext,$useremail) = @_; + my ($error,$domdesc,$contact_name,$contact_email,$msgtext) = @_; my $msg = '

'.&mt('Account creation unavailable').'

'; if ($error eq 'baduseremail') { - $msg .= &mt('The e-mail address you provided does not appear to be a valid address.'); + $msg = &mt('The e-mail address you provided does not appear to be a valid address.'); } elsif ($error eq 'existinguser') { - my $uname = &HTML::Entities::encode($useremail); - $msg .= &mt('The e-mail address you provided is already in use as a username in LON-CAPA at this institution.').'

'.&mt('You can either:').'
    '. - '
  • '.&mt('Return to the [_1]log-in page[_2] and enter your password.','','').'
    • '. - '
  • '.&mt('or, if you do not remember your password, visit the "[_1]Forgot your password?[_2]" page.','',''). - '
'; + $msg = &mt('The e-mail address you provided is already in use as a username in LON-CAPA at this institution.'); } elsif ($error eq 'userrules') { - $msg .= &mt('Username rules at this institution do not allow the e-mail address you provided to be used as a username.'); + $msg = &mt('Username rules at this institution do not allow the e-mail address you provided to be used as a username.'); } elsif ($error eq 'userformat') { - $msg .= &mt('The e-mail address you provided may not be used as a username at this LON-CAPA institution.'); + $msg = &mt('The e-mail address you provided may not be used as a username at this LON-CAPA institution.'); } elsif ($error eq 'captcha') { - $msg .= &mt('Validation of the code you entered failed.'); + $msg = &mt('Validation of the code your entered failed.'); } elsif ($error eq 'noemails') { - $msg .= &mt('Creation of a new user account using an e-mail address as username is not permitted at this LON-CAPA institution.'); + $msg = &mt('Creation of a new user account using an e-mail address as username is not permitted at this LON-CAPA institution.'); } $msg .= ''; if ($msgtext) { $msg .= '
'.$msgtext; } - $msg .= &linkto_email_help($contact_email,$domdesc,$error); + $msg .= &linkto_email_help($contact_email,$domdesc); return $msg; } sub linkto_email_help { - my ($contact_email,$domdesc,$error) = @_; + my ($contact_email,$domdesc) = @_; my $msg; - my $href = '/adm/helpdesk'; if ($contact_email ne '') { my $escuri = &HTML::Entities::encode('/adm/createaccount','&<>"'); - $href .= '?origurl='.$escuri; - if ($error eq 'existinguser') { - my $escemail = &HTML::Entities::encode($env{'form.useremail'}); - $href .= '&useremail='.$escemail.'&useraccount='.$escemail; - } - $msg .= '
'.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for [_3].','','',$domdesc).'
'; + $msg .= '
'.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for [_3].','','',$domdesc).'
'; } else { $msg .= '
'.&mt('You may wish to send an e-mail to the server administrator: [_1] for [_2].',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc).'
'; } return $msg; } -sub create_recaptcha { - my ($pubkey) = @_; - my $captcha = Captcha::reCAPTCHA->new; - # generate PUBLICKEY from https://www.google.com/recaptcha - return $captcha->get_options_setter({theme => 'white'})."\n". - $captcha->get_html($pubkey); +sub create_captcha { + my ($output_dir,$db_dir) = @_; + my %captcha_params = &captcha_settings(); + my ($output,$maxtries,$tries) = ('',10,0); + while ($tries < $maxtries) { + $tries ++; + my $captcha = Authen::Captcha->new ( + output_folder => $captcha_params{'output_dir'}, + data_folder => $captcha_params{'db_dir'}, + ); + my $md5sum = $captcha->generate_code($captcha_params{'numchars'}); + + if (-e $Apache::lonnet::perlvar{'lonCaptchaDir'}.'/'.$md5sum.'.png') { + $output = ''."\n". + &mt('Type in the letters/numbers shown below').' '. + '
'. + ''; + last; + } + } + return $output; +} + +sub captcha_settings { + my %captcha_params = ( + output_dir => $Apache::lonnet::perlvar{'lonCaptchaDir'}, + www_output_dir => "/captchaspool", + db_dir => $Apache::lonnet::perlvar{'lonCaptchaDb'}, + numchars => '5', + ); + return %captcha_params; } sub getkeys {