|
version 1.46, 2019/08/30 00:09:39
|
version 1.51, 2021/11/30 16:08:44
|
|
Line 115 sub handler {
|
Line 115 sub handler {
|
| } |
} |
| } |
} |
| my %passwdconf = &Apache::lonnet::get_passwdconf($dom_in_effect); |
my %passwdconf = &Apache::lonnet::get_passwdconf($dom_in_effect); |
| |
my $clientip = &Apache::lonnet::get_requestor_ip($r); |
| my $token = $env{'form.token'}; |
my $token = $env{'form.token'}; |
| my $useremail = $env{'form.useremail'}; |
my $useremail = $env{'form.useremail'}; |
| if (($udom ne '') && (!$otherinst) && (!$token)) { |
if (($udom ne '') && (!$otherinst) && (!$token)) { |
|
Line 292 END
|
Line 293 END
|
| my $output; |
my $output; |
| if ($token) { |
if ($token) { |
| $r->print($header); |
$r->print($header); |
| &reset_passwd($r,$token,$contact_name,$contact_email,\%passwdconf); |
&reset_passwd($r,$token,$contact_name,$contact_email,$clientip,\%passwdconf); |
| $r->print(&Apache::loncommon::end_page()); |
$r->print(&Apache::loncommon::end_page()); |
| return OK; |
return OK; |
| } elsif ($udom) { |
} elsif ($udom) { |
|
Line 300 END
|
Line 301 END
|
| $output = &invalid_state('baddomain',$domdesc, |
$output = &invalid_state('baddomain',$domdesc, |
| $contact_name,$contact_email); |
$contact_name,$contact_email); |
| } elsif ($otherinst) { |
} elsif ($otherinst) { |
| ($header,$output) = &homeserver_redirect($uname,$udom,$domdesc,$brcrum); |
($header,$output) = &homeserver_redirect($r,$uname,$udom,$domdesc,$brcrum); |
| } elsif (($uname) || ($useremail)) { |
} elsif (($uname) || ($useremail)) { |
| my $earlyout; |
my $earlyout; |
| unless ($passwdconf{'captcha'} eq 'unused') { |
unless ($passwdconf{'captcha'} eq 'unused') { |
|
Line 327 END
|
Line 328 END
|
| my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom); |
my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom); |
| if ($authtype =~ /^internal/) { |
if ($authtype =~ /^internal/) { |
| my ($blocked,$blocktext) = |
my ($blocked,$blocktext) = |
| &Apache::loncommon::blocking_status('passwd',$uname,$udom); |
&Apache::loncommon::blocking_status('passwd',$clientip,$uname,$udom); |
| if ($blocked) { |
if ($blocked) { |
| $output = '<p class="LC_warning">'.$blocktext.'</p>' |
$output = '<p class="LC_warning">'.$blocktext.'</p>' |
| .&display_actions($contact_email,$domdesc); |
.&display_actions($contact_email,$domdesc); |
|
Line 482 sub send_token {
|
Line 483 sub send_token {
|
| |
|
| my $now = time; |
my $now = time; |
| my $temppasswd = &create_passwd(); |
my $temppasswd = &create_passwd(); |
| my %info = ('ip' => $ENV{'REMOTE_ADDR'}, |
my $ip = &Apache::lonnet::get_requestor_ip(); |
| |
my %info = ('ip' => $ip, |
| 'time' => $now, |
'time' => $now, |
| 'domain' => $udom, |
'domain' => $udom, |
| 'username' => $uname, |
'username' => $uname, |
|
Line 578 sub invalid_state {
|
Line 580 sub invalid_state {
|
| } |
} |
| |
|
| sub homeserver_redirect { |
sub homeserver_redirect { |
| my ($uname,$udom,$domdesc,$brcrum) = @_; |
my ($r,$uname,$udom,$domdesc,$brcrum) = @_; |
| my $uhome; |
my $uhome; |
| if (($uname ne '') && ($udom ne '')) { |
if (($uname ne '') && ($udom ne '')) { |
| $uhome = &Apache::lonnet::homeserver($uname,$udom); |
$uhome = &Apache::lonnet::homeserver($uname,$udom); |
|
Line 589 sub homeserver_redirect {
|
Line 591 sub homeserver_redirect {
|
| my $hostname = &Apache::lonnet::hostname($uhome); |
my $hostname = &Apache::lonnet::hostname($uhome); |
| my $protocol = $Apache::lonnet::protocol{$uhome}; |
my $protocol = $Apache::lonnet::protocol{$uhome}; |
| $protocol = 'http' if ($protocol ne 'https'); |
$protocol = 'http' if ($protocol ne 'https'); |
| |
my $alias = &Apache::lonnet::use_proxy_alias($r,$uhome); |
| |
$hostname = $alias if ($alias ne ''); |
| my $url = $protocol.'://'.$hostname.'/adm/resetpw'; |
my $url = $protocol.'://'.$hostname.'/adm/resetpw'; |
| # Breadcrumbs |
# Breadcrumbs |
| my $start_page = &Apache::loncommon::start_page('Switching Server',undef, |
my $start_page = &Apache::loncommon::start_page('Switching Server',undef, |
|
Line 601 sub homeserver_redirect {
|
Line 605 sub homeserver_redirect {
|
| } |
} |
| |
|
| sub reset_passwd { |
sub reset_passwd { |
| my ($r,$token,$contact_name,$contact_email,$passwdconf) = @_; |
my ($r,$token,$contact_name,$contact_email,$clientip,$passwdconf) = @_; |
| return unless (ref($passwdconf) eq 'HASH'); |
return unless (ref($passwdconf) eq 'HASH'); |
| my %data = &Apache::lonnet::tmpget($token); |
my %data = &Apache::lonnet::tmpget($token); |
| my $now = time; |
my $now = time; |
|
Line 622 sub reset_passwd {
|
Line 626 sub reset_passwd {
|
| } |
} |
| my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'}); |
my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'}); |
| my ($blocked,$blocktext) = |
my ($blocked,$blocktext) = |
| &Apache::loncommon::blocking_status('passwd',$data{'username'},$data{'domain'}); |
&Apache::loncommon::blocking_status('passwd',$clientip,$data{'username'},$data{'domain'}); |
| if ($blocked) { |
if ($blocked) { |
| $r->print('<p class="LC_warning">'.$blocktext.'</p>'); |
$r->print('<p class="LC_warning">'.$blocktext.'</p>'); |
| return; |
return; |
|
Line 639 sub reset_passwd {
|
Line 643 sub reset_passwd {
|
| $invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
| } |
} |
| } else { |
} else { |
| unless ((lc($env{'form.uname'}) eq lc($data{'username'})) && (lc($env{'form.udom'}) eq lc($data{'domain'}))) { |
if ((lc($env{'form.uname'}) eq lc($data{'username'})) && (lc($env{'form.udom'}) eq lc($data{'domain'}))) { |
| |
$env{'form.uname'} = $data{'username'}; |
| |
} else { |
| $invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
| } |
} |
| } |
} |
|
Line 661 sub reset_passwd {
|
Line 667 sub reset_passwd {
|
| } |
} |
| if ($invalidinfo) { |
if ($invalidinfo) { |
| &Apache::lonnet::logthis("Forgot Password -- token data: ||$data{'username'}|| ||$data{'domain'}|| ||$data{'email'}|| differs from form: $invalidinfo"); |
&Apache::lonnet::logthis("Forgot Password -- token data: ||$data{'username'}|| ||$data{'domain'}|| ||$data{'email'}|| differs from form: $invalidinfo"); |
| $r->print(&generic_failure_msg($contact_name,$contact_email)); |
my $retry; |
| |
$r->print( |
| |
'<p class="LC_warning">' |
| |
.&mt('A problem occurred when attempting to reset' |
| |
.' the password for your account.').'</p>'); |
| |
if (($formfields{'username'}) && ($formfields{'email'})) { |
| |
if ($needscase) { |
| |
$r->print('<p>' |
| |
.&mt('Please verify you entered the correct username and e-mail address, ' |
| |
.'including the correct lower and/or upper case letters') |
| |
.'</p>'); |
| |
} else { |
| |
$r->print('<p>' |
| |
.&mt('Please verify you entered the correct username and e-mail address.') |
| |
.'</p>'); |
| |
} |
| |
$retry = 1; |
| |
} elsif ($formfields{'username'}) { |
| |
if ($needscase) { |
| |
$r->print('<p>' |
| |
.&mt('Please verify you entered the correct username, ' |
| |
.'including the correct lower and/or upper case letters') |
| |
.'</p>'); |
| |
} else { |
| |
$r->print('<p>' |
| |
.&mt('Please verify you entered the correct username.') |
| |
.'</p>'); |
| |
} |
| |
$retry = 1; |
| |
} elsif ($formfields{'email'}) { |
| |
if ($needscase) { |
| |
$r->print('<p>' |
| |
.&mt('Please verify you entered the correct e-mail address, ' |
| |
.'including the correct lower and/or upper case letters') |
| |
.'</p>'); |
| |
} else { |
| |
$r->print('<p>' |
| |
.&mt('Please verify you entered the correct e-mail address.') |
| |
.'</p>'); |
| |
} |
| |
$retry = 1; |
| |
} |
| |
if ($retry) { |
| |
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields); |
| |
} else { |
| |
$r->print(&generic_failure_msg($contact_name,$contact_email)); |
| |
} |
| unless ($formfields{'username'}) { |
unless ($formfields{'username'}) { |
| delete($env{'form.uname'}); |
delete($env{'form.uname'}); |
| delete($env{'form.udom'}); |
delete($env{'form.udom'}); |
|
Line 669 sub reset_passwd {
|
Line 721 sub reset_passwd {
|
| return; |
return; |
| } |
} |
| my $change_failed = |
my $change_failed = |
| &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token); |
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token,$timelimit,\%formfields); |
| if (!$change_failed) { |
if (!$change_failed) { |
| my $delete = &Apache::lonnet::tmpdel($token); |
my $delete = &Apache::lonnet::tmpdel($token); |
| my $now = &Apache::lonlocal::locallocaltime(time); |
my $now = &Apache::lonlocal::locallocaltime(time); |
| my $domdesc = |
my $domdesc = |
| &Apache::lonnet::domain($data{'domain'},'description'); |
&Apache::lonnet::domain($data{'domain'},'description'); |
| my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; |
my $ip = &Apache::lonnet::get_requestor_ip(); |
| |
my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ip,$contact_name,$contact_email)."\n"; |
| my $result = &send_mail($domdesc,$data{'email'},$mailmsg, |
my $result = &send_mail($domdesc,$data{'email'},$mailmsg, |
| $contact_name,$contact_email); |
$contact_name,$contact_email); |
| my $confirm_msg; |
my $confirm_msg; |
|
Line 705 sub reset_passwd {
|
Line 758 sub reset_passwd {
|
| my $hostname = &Apache::lonnet::hostname($homeserver); |
my $hostname = &Apache::lonnet::hostname($homeserver); |
| my $protocol = $Apache::lonnet::protocol{$homeserver}; |
my $protocol = $Apache::lonnet::protocol{$homeserver}; |
| $protocol = 'http' if ($protocol ne 'https'); |
$protocol = 'http' if ($protocol ne 'https'); |
| |
my $alias = &Apache::lonnet::use_proxy_alias($r,$homeserver); |
| |
$hostname = $alias if ($alias ne ''); |
| my $url = $protocol.'://'.$hostname.'/adm/resetpw'; |
my $url = $protocol.'://'.$hostname.'/adm/resetpw'; |
| my ($opentag,$closetag); |
my ($opentag,$closetag); |
| if ($url) { |
if ($url) { |
|
Line 729 sub reset_passwd {
|
Line 784 sub reset_passwd {
|
| .'</p>' |
.'</p>' |
| .&display_actions($contact_email,$domdesc,$token) |
.&display_actions($contact_email,$domdesc,$token) |
| ); |
); |
| } else { |
} elsif (($change_failed eq 'internalerror') || ($change_failed eq 'missingtemp') || |
| |
($change_failed eq 'error')) { |
| $r->print(&generic_failure_msg($contact_name,$contact_email)); |
$r->print(&generic_failure_msg($contact_name,$contact_email)); |
| } |
} |
| unless ($formfields{'username'}) { |
unless ($formfields{'username'}) { |
|
Line 749 sub reset_passwd {
|
Line 805 sub reset_passwd {
|
| if ($needscase) { |
if ($needscase) { |
| $r->print(' '.&mt('User data entered must match LON-CAPA account information (including case).')); |
$r->print(' '.&mt('User data entered must match LON-CAPA account information (including case).')); |
| } |
} |
| $r->print(' '); |
$r->print('<br />'); |
| |
} |
| |
my ($min,$max,$minrule,$maxrule); |
| |
if ($passwdconf->{min}) { |
| |
$min = $passwdconf->{min}; |
| |
} else { |
| |
$min = $Apache::lonnet::passwdmin; |
| |
} |
| |
if ($min) { |
| |
$minrule = &mt('Minimum password length: [_1]',$min); |
| |
} |
| |
if ($passwdconf->{max}) { |
| |
$max = $passwdconf->{max}; |
| |
$maxrule = &mt('Maximum password length: [_1]',$max); |
| } |
} |
| if (ref($passwdconf->{chars}) eq 'ARRAY') { |
if (ref($passwdconf->{chars}) eq 'ARRAY') { |
| my %rules; |
my %rules; |
|
Line 766 sub reset_passwd {
|
Line 835 sub reset_passwd {
|
| $r->print('<li>'.$rulenames{$poss}.'</li>'); |
$r->print('<li>'.$rulenames{$poss}.'</li>'); |
| } |
} |
| } |
} |
| |
if ($min) { |
| |
$r->print('<li>'.$minrule.'</li>'); |
| |
} |
| |
if ($max) { |
| |
$r->print('<li>'.$maxrule.'</li>'); |
| |
} |
| $r->print('</ul>'); |
$r->print('</ul>'); |
| } else { |
} else { |
| $r->print(&mt('The new password must contain at least 7 characters.').' '); |
if ($min && $max) { |
| |
$r->print(&mt('The new password must satisfy the following:').'<ul>'."\n". |
| |
'<li>'.$minrule.'</li>'."\n". |
| |
'<li>'.$maxrule.'</li>'."\n". |
| |
'</ul>'."\n"); |
| |
} elsif ($min) { |
| |
$r->print($minrule.'<br />'); |
| |
} elsif ($max) { |
| |
$r->print($maxrule.'<br />'); |
| |
} |
| } |
} |
| $r->print(&mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'<br />'); |
$r->print(&mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'<br />'); |
| &Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields); |
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields); |
|
Line 776 sub reset_passwd {
|
Line 860 sub reset_passwd {
|
| } else { |
} else { |
| $r->print( |
$r->print( |
| '<p class="LC_warning">' |
'<p class="LC_warning">' |
| .&mt('Sorry, the token generated when you requested a password reset has expired. Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.' |
.&mt('Sorry, the token generated when you requested a password reset has expired.').'<br />' |
| |
.&mt('Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.' |
| ,'<a href="/adm/resetpw">','</a>') |
,'<a href="/adm/resetpw">','</a>') |
| .'</p>' |
.'</p>' |
| ); |
); |
![[BACK]](/icons/back.gif){kind=icon}
Return to resetpw.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / interface