version 1.235, 2019/08/21 22:41:13
|
version 1.236, 2020/02/09 04:43:20
|
Line 1273 sub passwordchanger {
|
Line 1273 sub passwordchanger {
|
$r->print(Apache::loncommon::start_page('Personal Data')); |
$r->print(Apache::loncommon::start_page('Personal Data')); |
$r->print(Apache::lonhtmlcommon::breadcrumbs('Change Password')); |
$r->print(Apache::lonhtmlcommon::breadcrumbs('Change Password')); |
} |
} |
my ($blocked,$blocktext) = |
|
&Apache::loncommon::blocking_status('passwd'); |
|
if ($blocked) { |
|
$r->print('<p class="LC_warning">'.$blocktext.'</p>'); |
|
return; |
|
} |
|
if ((!defined($caller)) || ($caller eq 'preferences')) { |
if ((!defined($caller)) || ($caller eq 'preferences')) { |
$user = $env{'user.name'}; |
$user = $env{'user.name'}; |
$domain = $env{'user.domain'}; |
$domain = $env{'user.domain'}; |
if (!defined($caller)) { |
if (!defined($caller)) { |
$caller = 'preferences'; |
$caller = 'preferences'; |
} |
} |
|
my ($blocked,$blocktext) = |
|
&Apache::loncommon::blocking_status('passwd'); |
|
if ($blocked) { |
|
$r->print('<p class="LC_warning">'.$blocktext.'</p>'); |
|
return; |
|
} |
} elsif ($caller eq 'reset_by_email') { |
} elsif ($caller eq 'reset_by_email') { |
my %data = &Apache::lonnet::tmpget($mailtoken); |
my %data = &Apache::lonnet::tmpget($mailtoken); |
if (keys(%data) == 0) { |
if (keys(%data) == 0) { |
Line 1301 sub passwordchanger {
|
Line 1301 sub passwordchanger {
|
$user = $data{'username'}; |
$user = $data{'username'}; |
$domain = $data{'domain'}; |
$domain = $data{'domain'}; |
$currentpass = $data{'temppasswd'}; |
$currentpass = $data{'temppasswd'}; |
|
my ($blocked,$blocktext) = |
|
&Apache::loncommon::blocking_status('passwd',$user,$domain); |
|
if ($blocked) { |
|
$r->print('<p class="LC_warning">'.$blocktext.'</p>'); |
|
return; |
|
} |
} else { |
} else { |
$r->print( |
$r->print( |
'<p class="LC_warning">' |
'<p class="LC_warning">' |
Line 1360 sub passwordchanger {
|
Line 1366 sub passwordchanger {
|
my $jsh=Apache::File->new($include."/londes.js"); |
my $jsh=Apache::File->new($include."/londes.js"); |
$r->print(<$jsh>); |
$r->print(<$jsh>); |
} |
} |
$r->print(&jscript_send($caller,$extrafields)); |
$r->print(&jscript_send($caller,$domain,$currentauth,$extrafields)); |
$r->print(<<ENDFORM); |
$r->print(<<ENDFORM); |
$errormessage |
$errormessage |
|
|
Line 1377 ENDFORM
|
Line 1383 ENDFORM
|
} |
} |
|
|
sub jscript_send { |
sub jscript_send { |
my ($caller,$extrafields) = @_; |
my ($caller,$domain,$currentauth,$extrafields) = @_; |
|
my ($min,$max,$rulestr,$numrules); |
|
$min = $Apache::lonnet::passwdmin; |
|
my %js_lt = &Apache::lonlocal::texthash( |
|
uc => 'New password needs at least one upper case letter', |
|
lc => 'New password needs at least one lower case letter', |
|
num => 'New password needs at least one number', |
|
spec => 'New password needs at least one non-alphanumeric', |
|
blank1 => 'Empty Password field', |
|
blank2 => 'Empty Confirm Password field', |
|
mismatch => 'Contents of Password and Confirm Password fields must match', |
|
fail => 'Please fix the following:', |
|
); |
|
&js_escape(\%js_lt); |
|
if ($currentauth eq 'internal:') { |
|
if ($domain ne '') { |
|
my %passwdconf = &Apache::lonnet::get_passwdconf($domain); |
|
if (keys(%passwdconf)) { |
|
if ($passwdconf{min}) { |
|
$min = $passwdconf{min}; |
|
} |
|
if ($passwdconf{max}) { |
|
$max = $passwdconf{max}; |
|
$js_lt{'long'} = &js_escape(&mt('Maximum password length: [_1]',$max)); |
|
} |
|
if (ref($passwdconf{chars}) eq 'ARRAY') { |
|
if (@{$passwdconf{chars}}) { |
|
$rulestr = join('","',@{$passwdconf{chars}}); |
|
$numrules = scalar(@{$passwdconf{chars}}); |
|
} |
|
} |
|
} |
|
} |
|
} |
|
$js_lt{'short'} = &js_escape(&mt('Minimum password length: [_1]',$min)); |
|
|
|
my $passwdcheck = <<"ENDJS"; |
|
var errors = new Array(); |
|
var min = parseInt("$min") || 0; |
|
var currauth = "$currentauth"; |
|
if (this.document.client.elements.newpass_1.value == '') { |
|
errors.push("$js_lt{'blank1'}"); |
|
} |
|
if (this.document.client.elements.newpass_2.value == '') { |
|
errors.push("$js_lt{'blank2'}"); |
|
} |
|
if (errors.length == 0) { |
|
if (this.document.client.elements.newpass_1.value != this.document.client.elements.newpass_2.value) { |
|
errors.push("$js_lt{'mismatch'}"); |
|
} |
|
var posspass = this.document.client.elements.newpass_1.value; |
|
if (min > 0) { |
|
if (posspass.length < min) { |
|
errors.push("$js_lt{'short'}"); |
|
} |
|
} |
|
if (currauth == 'internal:') { |
|
var max = parseInt("$max") || 0; |
|
if (max > 0) { |
|
if (posspass.length > max) { |
|
errors.push("$js_lt{'long'}"); |
|
} |
|
} |
|
var numrules = parseInt("$numrules") || 0; |
|
if (numrules > 0) { |
|
var rules = new Array("$rulestr"); |
|
for (var i=0; i<rules.length; i++) { |
|
if (rules[i] == 'uc') { |
|
if (!posspass.match(/[A-Z]/)) { |
|
errors.push("$js_lt{'uc'}"); |
|
} |
|
} else if (rules[i] == 'lc') { |
|
if (!posspass.match(/[a-z]/)) { |
|
errors.push("$js_lt{'lc'}"); |
|
} |
|
} else if (rules[i] == 'num') { |
|
if (!posspass.match(/\\d/)) { |
|
errors.push("$js_lt{'num'}"); |
|
} |
|
} else if (rules[i] == 'spec') { |
|
var pattern = /^[!@#$%^&*()_+\\-=\\[\\]{};':"\\\|,.<a>\\/?]/; |
|
if (!posspass.match(pattern)) { |
|
errors.push("$js_lt{'spec'}"); |
|
} |
|
} |
|
} |
|
} |
|
} |
|
} |
|
if (errors.length > 0) { |
|
alert("$js_lt{'fail'}"+"\\n\\n"+errors.join("\\n")); |
|
return; |
|
} |
|
ENDJS |
my $output = qq| |
my $output = qq| |
<script type="text/javascript" language="JavaScript"> |
<script type="text/javascript" language="JavaScript"> |
|
|
function send() { |
function send() { |
|
$passwdcheck |
uextkey=this.document.client.elements.ukey_cpass.value; |
uextkey=this.document.client.elements.ukey_cpass.value; |
lextkey=this.document.client.elements.lkey_cpass.value; |
lextkey=this.document.client.elements.lkey_cpass.value; |
initkeys(); |
initkeys(); |
Line 1522 sub server_form {
|
Line 1622 sub server_form {
|
} |
} |
|
|
sub verify_and_change_password { |
sub verify_and_change_password { |
my ($r,$caller,$mailtoken,$ended) = @_; |
my ($r,$caller,$mailtoken,$timelimit,$extrafields,$ended) = @_; |
my ($user,$domain,$homeserver); |
my ($user,$domain,$homeserver); |
my ($blocked,$blocktext) = |
|
&Apache::loncommon::blocking_status('passwd'); |
|
if ($blocked) { |
|
$r->print('<p class="LC_warning">'.$blocktext.'</p>'); |
|
return; |
|
} |
|
if ($caller eq 'reset_by_email') { |
if ($caller eq 'reset_by_email') { |
$user = $env{'form.uname'}; |
$user = $env{'form.uname'}; |
$domain = $env{'form.udom'}; |
$domain = $env{'form.udom'}; |
Line 1538 sub verify_and_change_password {
|
Line 1632 sub verify_and_change_password {
|
if ($homeserver eq 'no_host') { |
if ($homeserver eq 'no_host') { |
&passwordchanger($r,"<p>\n<span class='LC_error'>". |
&passwordchanger($r,"<p>\n<span class='LC_error'>". |
&mt("Invalid username and/or domain")."</span>\n</p>", |
&mt("Invalid username and/or domain")."</span>\n</p>", |
$caller,$mailtoken); |
$caller,$mailtoken,$timelimit,$extrafields); |
return 1; |
return 'no_host'; |
} |
} |
} else { |
} else { |
&passwordchanger($r,"<p>\n<span class='LC_error'>". |
&passwordchanger($r,"<p>\n<span class='LC_error'>". |
&mt("Username and domain were blank")."</span>\n</p>", |
&mt("Username and domain were blank")."</span>\n</p>", |
$caller,$mailtoken); |
$caller,$mailtoken,$timelimit,$extrafields); |
return 1; |
return 'missingdata'; |
} |
} |
} else { |
} else { |
$user = $env{'user.name'}; |
$user = $env{'user.name'}; |
$domain = $env{'user.domain'}; |
$domain = $env{'user.domain'}; |
$homeserver = $env{'user.home'}; |
$homeserver = $env{'user.home'}; |
} |
} |
|
my ($blocked,$blocktext) = |
|
&Apache::loncommon::blocking_status('passwd',$user,$domain); |
|
if ($blocked) { |
|
$r->print('<p class="LC_warning">'.$blocktext.'</p>'); |
|
if ($caller eq 'reset_by_email') { |
|
return 'blocked'; |
|
} else { |
|
return; |
|
} |
|
} |
my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain); |
my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain); |
# Check for authentication types that allow changing of the password. |
# Check for authentication types that allow changing of the password. |
if ($currentauth !~ /^(unix|internal):/) { |
if ($currentauth !~ /^(unix|internal):/) { |
Line 1559 sub verify_and_change_password {
|
Line 1663 sub verify_and_change_password {
|
&passwordchanger($r,"<p>\n<span class='LC_error'>". |
&passwordchanger($r,"<p>\n<span class='LC_error'>". |
&mt("Authentication type for this user can not be changed by this mechanism"). |
&mt("Authentication type for this user can not be changed by this mechanism"). |
"</span>\n</p>", |
"</span>\n</p>", |
$caller,$mailtoken); |
$caller,$mailtoken,$timelimit,$extrafields); |
return 1; |
return 'otherauth'; |
} else { |
} else { |
return; |
return; |
} |
} |
Line 1576 sub verify_and_change_password {
|
Line 1680 sub verify_and_change_password {
|
defined($newpass2) ){ |
defined($newpass2) ){ |
&passwordchanger($r,"<p>\n<span class='LC_error'>". |
&passwordchanger($r,"<p>\n<span class='LC_error'>". |
&mt("One or more password fields were blank"). |
&mt("One or more password fields were blank"). |
"</span>\n</p>",$caller,$mailtoken); |
"</span>\n</p>",$caller,$mailtoken,$timelimit,$extrafields); |
return; |
if ($caller eq 'reset_by_email') { |
|
return 'missingdata'; |
|
} else { |
|
return; |
|
} |
} |
} |
# Get the keys |
# Get the keys |
my $lonhost = $r->dir_config('lonHostID'); |
my $lonhost = $r->dir_config('lonHostID'); |
Line 1595 sub verify_and_change_password {
|
Line 1703 sub verify_and_change_password {
|
</p> |
</p> |
ENDERROR |
ENDERROR |
# Probably should log an error here |
# Probably should log an error here |
return 1; |
if ($caller eq 'reset_by_email') { |
|
return 'internalerror'; |
|
} else { |
|
return; |
|
} |
} |
} |
my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo); |
my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo); |
# |
# |
Line 1609 ENDERROR
|
Line 1721 ENDERROR
|
&passwordchanger($r, |
&passwordchanger($r, |
'<span class="LC_error">'. |
'<span class="LC_error">'. |
&mt('Could not verify current authentication.').' '. |
&mt('Could not verify current authentication.').' '. |
&mt('Please try again.').'</span>',$caller,$mailtoken); |
&mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields); |
return 1; |
return 'emptydata'; |
} |
} |
if ($currentpass ne $data{'temppasswd'}) { |
if ($currentpass ne $data{'temppasswd'}) { |
&passwordchanger($r, |
&passwordchanger($r, |
'<span class="LC_error">'. |
'<span class="LC_error">'. |
&mt('Could not verify current authentication.').' '. |
&mt('Could not verify current authentication.').' '. |
&mt('Please try again.').'</span>',$caller,$mailtoken); |
&mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields); |
return 1; |
return 'missingtemp'; |
} |
} |
} |
} |
if ($newpass1 ne $newpass2) { |
if ($newpass1 ne $newpass2) { |
&passwordchanger($r, |
&passwordchanger($r, |
'<span class="LC_warning">'. |
'<span class="LC_warning">'. |
&mt('The new passwords you entered do not match.').' '. |
&mt('The new passwords you entered do not match.').' '. |
&mt('Please try again.').'</span>',$caller,$mailtoken); |
&mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields); |
return 1; |
if ($caller eq 'reset_by_email') { |
|
return 'mismatch'; |
|
} else { |
|
return; |
|
} |
} |
} |
if ($currentauth eq 'unix:') { |
if ($currentauth eq 'unix:') { |
if (length($newpass1) < 7) { |
if (length($newpass1) < 7) { |
&passwordchanger($r, |
&passwordchanger($r, |
'<span class="LC_warning">'. |
'<span class="LC_warning">'. |
&mt('Passwords must be a minimum of 7 characters long.').' '. |
&mt('Passwords must be a minimum of 7 characters long.').' '. |
&mt('Please try again.').'</span>',$caller,$mailtoken); |
&mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields); |
return 1; |
if ($caller eq 'reset_by_email') { |
|
return 'length'; |
|
} else { |
|
return; |
|
} |
} |
} |
} else { |
} else { |
my $warning = &Apache::loncommon::check_passwd_rules($domain,$newpass1); |
my $warning = &Apache::loncommon::check_passwd_rules($domain,$newpass1); |
Line 1641 ENDERROR
|
Line 1761 ENDERROR
|
&passwordchanger($r,'<span class="LC_warning">'. |
&passwordchanger($r,'<span class="LC_warning">'. |
$warning. |
$warning. |
&mt('Please try again.').'</span>', |
&mt('Please try again.').'</span>', |
$caller,$mailtoken); |
$caller,$mailtoken,$timelimit,$extrafields); |
return 1; |
if ($caller eq 'reset_by_email') { |
|
return 'rules'; |
|
} else { |
|
return; |
|
} |
} |
} |
} |
} |
# |
# |
Line 1662 ENDERROR
|
Line 1786 ENDERROR
|
ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_\`abcdefghijklmnopqrstuvwxyz{|}~ |
ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_\`abcdefghijklmnopqrstuvwxyz{|}~ |
</pre></span> |
</pre></span> |
ENDERROR |
ENDERROR |
&passwordchanger($r,$errormessage,$caller,$mailtoken); |
&passwordchanger($r,$errormessage,$caller,$mailtoken,$timelimit,$extrafields); |
return 1; |
if ($caller eq 'reset_by_email') { |
|
return 'badchars'; |
|
} else { |
|
return; |
|
} |
} |
} |
# |
# |
# Change the password (finally) |
# Change the password (finally) |
Line 1686 ENDERROR
|
Line 1814 ENDERROR
|
# error error: run in circles, scream and shout |
# error error: run in circles, scream and shout |
if ($caller eq 'reset_by_email') { |
if ($caller eq 'reset_by_email') { |
if (!$result) { |
if (!$result) { |
return 1; |
return 'error'; |
} else { |
} else { |
return $result; |
return $result; |
} |
} |
Line 2318 sub handler {
|
Line 2446 sub handler {
|
}elsif($env{'form.action'} eq 'changepass'){ |
}elsif($env{'form.action'} eq 'changepass'){ |
&passwordchanger($r); |
&passwordchanger($r); |
}elsif($env{'form.action'} eq 'verify_and_change_pass'){ |
}elsif($env{'form.action'} eq 'verify_and_change_pass'){ |
&verify_and_change_password($r,'preferences','',\$ended); |
&verify_and_change_password($r,'preferences','','','',\$ended); |
}elsif($env{'form.action'} eq 'changescreenname'){ |
}elsif($env{'form.action'} eq 'changescreenname'){ |
&screennamechanger($r); |
&screennamechanger($r); |
}elsif($env{'form.action'} eq 'verify_and_change_screenname'){ |
}elsif($env{'form.action'} eq 'verify_and_change_screenname'){ |