loncom/interface/lonpreferences.pm - diff

Return to lonpreferences.pm CVS log

Up to [LON-CAPA] / loncom / interface

Diff for /loncom/interface/lonpreferences.pm between versions 1.235 and 1.236

version 1.235, 2019/08/21 22:41:13	version 1.236, 2020/02/09 04:43:20
Line 1273 sub passwordchanger {	Line 1273 sub passwordchanger {
$r->print(Apache::loncommon::start_page('Personal Data'));	$r->print(Apache::loncommon::start_page('Personal Data'));
$r->print(Apache::lonhtmlcommon::breadcrumbs('Change Password'));	$r->print(Apache::lonhtmlcommon::breadcrumbs('Change Password'));
}	}
my ($blocked,$blocktext) =
&Apache::loncommon::blocking_status('passwd');
if ($blocked) {
$r->print('<p class="LC_warning">'.$blocktext.'</p>');
return;
}
if ((!defined($caller)) \|\| ($caller eq 'preferences')) {	if ((!defined($caller)) \|\| ($caller eq 'preferences')) {
$user = $env{'user.name'};	$user = $env{'user.name'};
$domain = $env{'user.domain'};	$domain = $env{'user.domain'};
if (!defined($caller)) {	if (!defined($caller)) {
$caller = 'preferences';	$caller = 'preferences';
}	}
	my ($blocked,$blocktext) =
	&Apache::loncommon::blocking_status('passwd');
	if ($blocked) {
	$r->print('<p class="LC_warning">'.$blocktext.'</p>');
	return;
	}
} elsif ($caller eq 'reset_by_email') {	} elsif ($caller eq 'reset_by_email') {
my %data = &Apache::lonnet::tmpget($mailtoken);	my %data = &Apache::lonnet::tmpget($mailtoken);
if (keys(%data) == 0) {	if (keys(%data) == 0) {
Line 1301 sub passwordchanger {	Line 1301 sub passwordchanger {
$user = $data{'username'};	$user = $data{'username'};
$domain = $data{'domain'};	$domain = $data{'domain'};
$currentpass = $data{'temppasswd'};	$currentpass = $data{'temppasswd'};
	my ($blocked,$blocktext) =
	&Apache::loncommon::blocking_status('passwd',$user,$domain);
	if ($blocked) {
	$r->print('<p class="LC_warning">'.$blocktext.'</p>');
	return;
	}
} else {	} else {
$r->print(	$r->print(
'<p class="LC_warning">'	'<p class="LC_warning">'
Line 1360 sub passwordchanger {	Line 1366 sub passwordchanger {
my $jsh=Apache::File->new($include."/londes.js");	my $jsh=Apache::File->new($include."/londes.js");
$r->print(<$jsh>);	$r->print(<$jsh>);
}	}
$r->print(&jscript_send($caller,$extrafields));	$r->print(&jscript_send($caller,$domain,$currentauth,$extrafields));
$r->print(<<ENDFORM);	$r->print(<<ENDFORM);
$errormessage	$errormessage

Line 1377 ENDFORM	Line 1383 ENDFORM
}	}

sub jscript_send {	sub jscript_send {
my ($caller,$extrafields) = @_;	my ($caller,$domain,$currentauth,$extrafields) = @_;
	my ($min,$max,$rulestr,$numrules);
	$min = $Apache::lonnet::passwdmin;
	my %js_lt = &Apache::lonlocal::texthash(
	uc => 'New password needs at least one upper case letter',
	lc => 'New password needs at least one lower case letter',
	num => 'New password needs at least one number',
	spec => 'New password needs at least one non-alphanumeric',
	blank1 => 'Empty Password field',
	blank2 => 'Empty Confirm Password field',
	mismatch => 'Contents of Password and Confirm Password fields must match',
	fail => 'Please fix the following:',
	);
	&js_escape(\%js_lt);
	if ($currentauth eq 'internal:') {
	if ($domain ne '') {
	my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
	if (keys(%passwdconf)) {
	if ($passwdconf{min}) {
	$min = $passwdconf{min};
	}
	if ($passwdconf{max}) {
	$max = $passwdconf{max};
	$js_lt{'long'} = &js_escape(&mt('Maximum password length: [_1]',$max));
	}
	if (ref($passwdconf{chars}) eq 'ARRAY') {
	if (@{$passwdconf{chars}}) {
	$rulestr = join('","',@{$passwdconf{chars}});
	$numrules = scalar(@{$passwdconf{chars}});
	}
	}
	}
	}
	}
	$js_lt{'short'} = &js_escape(&mt('Minimum password length: [_1]',$min));

	my $passwdcheck = <<"ENDJS";
	var errors = new Array();
	var min = parseInt("$min") \|\| 0;
	var currauth = "$currentauth";
	if (this.document.client.elements.newpass_1.value == '') {
	errors.push("$js_lt{'blank1'}");
	}
	if (this.document.client.elements.newpass_2.value == '') {
	errors.push("$js_lt{'blank2'}");
	}
	if (errors.length == 0) {
	if (this.document.client.elements.newpass_1.value != this.document.client.elements.newpass_2.value) {
	errors.push("$js_lt{'mismatch'}");
	}
	var posspass = this.document.client.elements.newpass_1.value;
	if (min > 0) {
	if (posspass.length < min) {
	errors.push("$js_lt{'short'}");
	}
	}
	if (currauth == 'internal:') {
	var max = parseInt("$max") \|\| 0;
	if (max > 0) {
	if (posspass.length > max) {
	errors.push("$js_lt{'long'}");
	}
	}
	var numrules = parseInt("$numrules") \|\| 0;
	if (numrules > 0) {
	var rules = new Array("$rulestr");
	for (var i=0; i<rules.length; i++) {
	if (rules[i] == 'uc') {
	if (!posspass.match(/[A-Z]/)) {
	errors.push("$js_lt{'uc'}");
	}
	} else if (rules[i] == 'lc') {
	if (!posspass.match(/[a-z]/)) {
	errors.push("$js_lt{'lc'}");
	}
	} else if (rules[i] == 'num') {
	if (!posspass.match(/\\d/)) {
	errors.push("$js_lt{'num'}");
	}
	} else if (rules[i] == 'spec') {
	var pattern = /^[!@#$%^&*()_+\\-=\\[\\]{};':"\\\\|,.<a>\\/?]/;
	if (!posspass.match(pattern)) {
	errors.push("$js_lt{'spec'}");
	}
	}
	}
	}
	}
	}
	if (errors.length > 0) {
	alert("$js_lt{'fail'}"+"\\n\\n"+errors.join("\\n"));
	return;
	}
	ENDJS
my $output = qq\|	my $output = qq\|
<script type="text/javascript" language="JavaScript">	<script type="text/javascript" language="JavaScript">

function send() {	function send() {
	$passwdcheck
uextkey=this.document.client.elements.ukey_cpass.value;	uextkey=this.document.client.elements.ukey_cpass.value;
lextkey=this.document.client.elements.lkey_cpass.value;	lextkey=this.document.client.elements.lkey_cpass.value;
initkeys();	initkeys();
Line 1522 sub server_form {	Line 1622 sub server_form {
}	}

sub verify_and_change_password {	sub verify_and_change_password {
my ($r,$caller,$mailtoken,$ended) = @_;	my ($r,$caller,$mailtoken,$timelimit,$extrafields,$ended) = @_;
my ($user,$domain,$homeserver);	my ($user,$domain,$homeserver);
my ($blocked,$blocktext) =
&Apache::loncommon::blocking_status('passwd');
if ($blocked) {
$r->print('<p class="LC_warning">'.$blocktext.'</p>');
return;
}
if ($caller eq 'reset_by_email') {	if ($caller eq 'reset_by_email') {
$user = $env{'form.uname'};	$user = $env{'form.uname'};
$domain = $env{'form.udom'};	$domain = $env{'form.udom'};
Line 1538 sub verify_and_change_password {	Line 1632 sub verify_and_change_password {
if ($homeserver eq 'no_host') {	if ($homeserver eq 'no_host') {
&passwordchanger($r,"<p>\n<span class='LC_error'>".	&passwordchanger($r,"<p>\n<span class='LC_error'>".
&mt("Invalid username and/or domain")."</span>\n</p>",	&mt("Invalid username and/or domain")."</span>\n</p>",
$caller,$mailtoken);	$caller,$mailtoken,$timelimit,$extrafields);
return 1;	return 'no_host';
}	}
} else {	} else {
&passwordchanger($r,"<p>\n<span class='LC_error'>".	&passwordchanger($r,"<p>\n<span class='LC_error'>".
&mt("Username and domain were blank")."</span>\n</p>",	&mt("Username and domain were blank")."</span>\n</p>",
$caller,$mailtoken);	$caller,$mailtoken,$timelimit,$extrafields);
return 1;	return 'missingdata';
}	}
} else {	} else {
$user = $env{'user.name'};	$user = $env{'user.name'};
$domain = $env{'user.domain'};	$domain = $env{'user.domain'};
$homeserver = $env{'user.home'};	$homeserver = $env{'user.home'};
}	}
	my ($blocked,$blocktext) =
	&Apache::loncommon::blocking_status('passwd',$user,$domain);
	if ($blocked) {
	$r->print('<p class="LC_warning">'.$blocktext.'</p>');
	if ($caller eq 'reset_by_email') {
	return 'blocked';
	} else {
	return;
	}
	}
my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);	my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
# Check for authentication types that allow changing of the password.	# Check for authentication types that allow changing of the password.
if ($currentauth !~ /^(unix\|internal):/) {	if ($currentauth !~ /^(unix\|internal):/) {
Line 1559 sub verify_and_change_password {	Line 1663 sub verify_and_change_password {
&passwordchanger($r,"<p>\n<span class='LC_error'>".	&passwordchanger($r,"<p>\n<span class='LC_error'>".
&mt("Authentication type for this user can not be changed by this mechanism").	&mt("Authentication type for this user can not be changed by this mechanism").
"</span>\n</p>",	"</span>\n</p>",
$caller,$mailtoken);	$caller,$mailtoken,$timelimit,$extrafields);
return 1;	return 'otherauth';
} else {	} else {
return;	return;
}	}
Line 1576 sub verify_and_change_password {	Line 1680 sub verify_and_change_password {
defined($newpass2) ){	defined($newpass2) ){
&passwordchanger($r,"<p>\n<span class='LC_error'>".	&passwordchanger($r,"<p>\n<span class='LC_error'>".
&mt("One or more password fields were blank").	&mt("One or more password fields were blank").
"</span>\n</p>",$caller,$mailtoken);	"</span>\n</p>",$caller,$mailtoken,$timelimit,$extrafields);
return;	if ($caller eq 'reset_by_email') {
	return 'missingdata';
	} else {
	return;
	}
}	}
# Get the keys	# Get the keys
my $lonhost = $r->dir_config('lonHostID');	my $lonhost = $r->dir_config('lonHostID');
Line 1595 sub verify_and_change_password {	Line 1703 sub verify_and_change_password {
</p>	</p>
ENDERROR	ENDERROR
# Probably should log an error here	# Probably should log an error here
return 1;	if ($caller eq 'reset_by_email') {
	return 'internalerror';
	} else {
	return;
	}
}	}
my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo);	my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo);
#	#
Line 1609 ENDERROR	Line 1721 ENDERROR
&passwordchanger($r,	&passwordchanger($r,
'<span class="LC_error">'.	'<span class="LC_error">'.
&mt('Could not verify current authentication.').' '.	&mt('Could not verify current authentication.').' '.
&mt('Please try again.').'</span>',$caller,$mailtoken);	&mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields);
return 1;	return 'emptydata';
}	}
if ($currentpass ne $data{'temppasswd'}) {	if ($currentpass ne $data{'temppasswd'}) {
&passwordchanger($r,	&passwordchanger($r,
'<span class="LC_error">'.	'<span class="LC_error">'.
&mt('Could not verify current authentication.').' '.	&mt('Could not verify current authentication.').' '.
&mt('Please try again.').'</span>',$caller,$mailtoken);	&mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields);
return 1;	return 'missingtemp';
}	}
}	}
if ($newpass1 ne $newpass2) {	if ($newpass1 ne $newpass2) {
&passwordchanger($r,	&passwordchanger($r,
'<span class="LC_warning">'.	'<span class="LC_warning">'.
&mt('The new passwords you entered do not match.').' '.	&mt('The new passwords you entered do not match.').' '.
&mt('Please try again.').'</span>',$caller,$mailtoken);	&mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields);
return 1;	if ($caller eq 'reset_by_email') {
	return 'mismatch';
	} else {
	return;
	}
}	}
if ($currentauth eq 'unix:') {	if ($currentauth eq 'unix:') {
if (length($newpass1) < 7) {	if (length($newpass1) < 7) {
&passwordchanger($r,	&passwordchanger($r,
'<span class="LC_warning">'.	'<span class="LC_warning">'.
&mt('Passwords must be a minimum of 7 characters long.').' '.	&mt('Passwords must be a minimum of 7 characters long.').' '.
&mt('Please try again.').'</span>',$caller,$mailtoken);	&mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields);
return 1;	if ($caller eq 'reset_by_email') {
	return 'length';
	} else {
	return;
	}
}	}
} else {	} else {
my $warning = &Apache::loncommon::check_passwd_rules($domain,$newpass1);	my $warning = &Apache::loncommon::check_passwd_rules($domain,$newpass1);
Line 1641 ENDERROR	Line 1761 ENDERROR
&passwordchanger($r,'<span class="LC_warning">'.	&passwordchanger($r,'<span class="LC_warning">'.
$warning.	$warning.
&mt('Please try again.').'</span>',	&mt('Please try again.').'</span>',
$caller,$mailtoken);	$caller,$mailtoken,$timelimit,$extrafields);
return 1;	if ($caller eq 'reset_by_email') {
	return 'rules';
	} else {
	return;
	}
}	}
}	}
#	#
Line 1662 ENDERROR	Line 1786 ENDERROR
ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_\`abcdefghijklmnopqrstuvwxyz{\|}~	ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_\`abcdefghijklmnopqrstuvwxyz{\|}~
</pre></span>	</pre></span>
ENDERROR	ENDERROR
&passwordchanger($r,$errormessage,$caller,$mailtoken);	&passwordchanger($r,$errormessage,$caller,$mailtoken,$timelimit,$extrafields);
return 1;	if ($caller eq 'reset_by_email') {
	return 'badchars';
	} else {
	return;
	}
}	}
#	#
# Change the password (finally)	# Change the password (finally)
Line 1686 ENDERROR	Line 1814 ENDERROR
# error error: run in circles, scream and shout	# error error: run in circles, scream and shout
if ($caller eq 'reset_by_email') {	if ($caller eq 'reset_by_email') {
if (!$result) {	if (!$result) {
return 1;	return 'error';
} else {	} else {
return $result;	return $result;
}	}
Line 2318 sub handler {	Line 2446 sub handler {
}elsif($env{'form.action'} eq 'changepass'){	}elsif($env{'form.action'} eq 'changepass'){
&passwordchanger($r);	&passwordchanger($r);
}elsif($env{'form.action'} eq 'verify_and_change_pass'){	}elsif($env{'form.action'} eq 'verify_and_change_pass'){
&verify_and_change_password($r,'preferences','',\$ended);	&verify_and_change_password($r,'preferences','','','',\$ended);
}elsif($env{'form.action'} eq 'changescreenname'){	}elsif($env{'form.action'} eq 'changescreenname'){
&screennamechanger($r);	&screennamechanger($r);
}elsif($env{'form.action'} eq 'verify_and_change_screenname'){	}elsif($env{'form.action'} eq 'verify_and_change_screenname'){

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.235
changed lines
	Added in v.1.236