' - .&mt('Sorry, the URL you provided to complete the reset of your password was invalid. Either the token included in the URL has been deleted or the URL you provided was invalid. Please submit a [_1]new request[_2] for a password reset, and follow the link to the new URL included in the e-mail that will be sent to you, to allow you to enter a new password.' - ,'','') - .'
' - ); - return; - } - if (defined($data{time})) { - if (time - $data{'time'} < $timelimit) { - $user = $data{'username'}; - $domain = $data{'domain'}; - $currentpass = $data{'temppasswd'}; - } else { - $r->print( - '' - .&mt('Sorry, the token generated when you requested' - .' a password reset has expired.') - .'
' - ); - return; - } + my %data = &Apache::lonnet::tmpget($mailtoken); + if (keys(%data) == 0) { + $r->print( + '' + .&mt('Sorry, the URL you provided to complete the reset of your password was invalid. Either the token included in the URL has been deleted or the URL you provided was invalid. Please submit a [_1]new request[_2] for a password reset, and follow the link to the new URL included in the e-mail that will be sent to you, to allow you to enter a new password.' + ,'','') + .'
' + ); + return; + } + if (defined($data{time})) { + if (time - $data{'time'} < $timelimit) { + $user = $data{'username'}; + $domain = $data{'domain'}; + $currentpass = $data{'temppasswd'}; } else { $r->print( '' - .&mt('Sorry, the URL generated when you requested reset of' - .' your password contained incomplete information.') + .&mt('Sorry, the token generated when you requested' + .' a password reset has expired.') .'
' ); return; } - if (&Apache::lonnet::domain($domain) eq '') { - $domain = $r->dir_config('lonDefDomain'); - } + } else { + $r->print( + '' + .&mt('Sorry, the URL generated when you requested reset of' + .' your password contained incomplete information.') + .'
' + ); + return; + } + if (&Apache::lonnet::domain($domain) eq '') { + $domain = $r->dir_config('lonDefDomain'); + } } else { $r->print( '' @@ -1621,7 +1619,7 @@ ENDERROR &mt('Please try again.').'',$caller,$mailtoken); return 1; } - } + } if ($newpass1 ne $newpass2) { &passwordchanger($r, ''. @@ -1629,12 +1627,23 @@ ENDERROR &mt('Please try again.').'',$caller,$mailtoken); return 1; } - if (length($newpass1) < 7) { - &passwordchanger($r, - ''. - &mt('Passwords must be a minimum of 7 characters long.').' '. - &mt('Please try again.').'',$caller,$mailtoken); - return 1; + if ($currentauth eq 'unix:') { + if (length($newpass1) < 7) { + &passwordchanger($r, + ''. + &mt('Passwords must be a minimum of 7 characters long.').' '. + &mt('Please try again.').'',$caller,$mailtoken); + return 1; + } + } else { + my $warning = &Apache::loncommon::check_passwd_rules($domain,$newpass1); + if ($warning) { + &passwordchanger($r,''. + $warning. + &mt('Please try again.').'', + $caller,$mailtoken); + return 1; + } } # # Check for bad characters @@ -1682,8 +1691,14 @@ ENDERROR return $result; } } else { + my $feedback; + if ($result eq 'prioruse') { + $feedback = &mt('Please enter a password that you have not used recently.'); + } else { + $feedback = &mt('Please make sure your old password was entered correctly.'); + } $message = &Apache::lonhtmlcommon::confirm_success( - &mt("The password for user [_1] was not changed.",''.$user.'').' '.&mt('Please make sure your old password was entered correctly.'),1); + &mt("The password for user [_1] was not changed.",''.$user.'').' '.$feedback,1); $message=&Apache::loncommon::confirmwrapper($message); &print_main_menu($r, $message); if (ref($ended)) {