version 1.44, 2019/04/24 01:44:30
|
version 1.48, 2020/12/18 15:23:02
|
Line 305 END
|
Line 305 END
|
my $earlyout; |
my $earlyout; |
unless ($passwdconf{'captcha'} eq 'unused') { |
unless ($passwdconf{'captcha'} eq 'unused') { |
my ($captcha_chk,$captcha_error) = |
my ($captcha_chk,$captcha_error) = |
&Apache::loncommon::captcha_response('passwords',$server); |
&Apache::loncommon::captcha_response('passwords',$server,$dom_in_effect); |
if ($captcha_chk != 1) { |
if ($captcha_chk != 1) { |
my $error = 'captcha'; |
my $error = 'captcha'; |
if ($passwdconf{'captcha'} eq 'recaptcha') { |
if ($passwdconf{'captcha'} eq 'recaptcha') { |
Line 359 END
|
Line 359 END
|
} |
} |
foreach my $item (@items) { |
foreach my $item (@items) { |
if ($item =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) { |
if ($item =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) { |
unless (grep(/^\Q$item\E$/i,@allemails)) { |
unless (grep(/^\Q$item\E$/i,@allemails)) { |
push(@allemails,$item); |
push(@allemails,$item); |
} |
} |
} |
} |
Line 482 sub send_token {
|
Line 482 sub send_token {
|
|
|
my $now = time; |
my $now = time; |
my $temppasswd = &create_passwd(); |
my $temppasswd = &create_passwd(); |
my %info = ('ip' => $ENV{'REMOTE_ADDR'}, |
my $ip = &Apache::lonnet::get_requestor_ip(); |
|
my %info = ('ip' => $ip, |
'time' => $now, |
'time' => $now, |
'domain' => $udom, |
'domain' => $udom, |
'username' => $uname, |
'username' => $uname, |
Line 639 sub reset_passwd {
|
Line 640 sub reset_passwd {
|
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
} |
} |
} else { |
} else { |
unless ((lc($env{'form.uname'}) eq lc($data{'username'})) && (lc($env{'form.udom'}) eq lc($data{'domain'}))) { |
if ((lc($env{'form.uname'}) eq lc($data{'username'})) && (lc($env{'form.udom'}) eq lc($data{'domain'}))) { |
|
$env{'form.uname'} = $data{'username'}; |
|
} else { |
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
} |
} |
} |
} |
Line 661 sub reset_passwd {
|
Line 664 sub reset_passwd {
|
} |
} |
if ($invalidinfo) { |
if ($invalidinfo) { |
&Apache::lonnet::logthis("Forgot Password -- token data: ||$data{'username'}|| ||$data{'domain'}|| ||$data{'email'}|| differs from form: $invalidinfo"); |
&Apache::lonnet::logthis("Forgot Password -- token data: ||$data{'username'}|| ||$data{'domain'}|| ||$data{'email'}|| differs from form: $invalidinfo"); |
$r->print(&generic_failure_msg($contact_name,$contact_email)); |
my $retry; |
|
$r->print( |
|
'<p class="LC_warning">' |
|
.&mt('A problem occurred when attempting to reset' |
|
.' the password for your account.').'</p>'); |
|
if (($formfields{'username'}) && ($formfields{'email'})) { |
|
if ($needscase) { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct username and e-mail address, ' |
|
.'including the correct lower and/or upper case letters') |
|
.'</p>'); |
|
} else { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct username and e-mail address.') |
|
.'</p>'); |
|
} |
|
$retry = 1; |
|
} elsif ($formfields{'username'}) { |
|
if ($needscase) { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct username, ' |
|
.'including the correct lower and/or upper case letters') |
|
.'</p>'); |
|
} else { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct username.') |
|
.'</p>'); |
|
} |
|
$retry = 1; |
|
} elsif ($formfields{'email'}) { |
|
if ($needscase) { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct e-mail address, ' |
|
.'including the correct lower and/or upper case letters') |
|
.'</p>'); |
|
} else { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct e-mail address.') |
|
.'</p>'); |
|
} |
|
$retry = 1; |
|
} |
|
if ($retry) { |
|
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields); |
|
} else { |
|
$r->print(&generic_failure_msg($contact_name,$contact_email)); |
|
} |
unless ($formfields{'username'}) { |
unless ($formfields{'username'}) { |
delete($env{'form.uname'}); |
delete($env{'form.uname'}); |
delete($env{'form.udom'}); |
delete($env{'form.udom'}); |
Line 669 sub reset_passwd {
|
Line 718 sub reset_passwd {
|
return; |
return; |
} |
} |
my $change_failed = |
my $change_failed = |
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token); |
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token,$timelimit,\%formfields); |
if (!$change_failed) { |
if (!$change_failed) { |
my $delete = &Apache::lonnet::tmpdel($token); |
my $delete = &Apache::lonnet::tmpdel($token); |
my $now = &Apache::lonlocal::locallocaltime(time); |
my $now = &Apache::lonlocal::locallocaltime(time); |
my $domdesc = |
my $domdesc = |
&Apache::lonnet::domain($data{'domain'},'description'); |
&Apache::lonnet::domain($data{'domain'},'description'); |
my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; |
my $ip = &Apache::lonnet::get_requestor_ip(); |
|
my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ip,$contact_name,$contact_email)."\n"; |
my $result = &send_mail($domdesc,$data{'email'},$mailmsg, |
my $result = &send_mail($domdesc,$data{'email'},$mailmsg, |
$contact_name,$contact_email); |
$contact_name,$contact_email); |
my $confirm_msg; |
my $confirm_msg; |
Line 720 sub reset_passwd {
|
Line 770 sub reset_passwd {
|
.'</p>' |
.'</p>' |
); |
); |
} |
} |
} else { |
} elsif (($change_failed eq 'prioruse') && ($passwdconf->{'numsaved'})) { |
|
my $domdesc = |
|
&Apache::lonnet::domain($data{'domain'},'description'); |
|
$r->print( |
|
'<p class="LC_warning">' |
|
.&mt('Please enter a password that you have not used recently.') |
|
.'</p>' |
|
.&display_actions($contact_email,$domdesc,$token) |
|
); |
|
} elsif (($change_failed eq 'internalerror') || ($change_failed eq 'missingtemp') || |
|
($change_failed eq 'error')) { |
$r->print(&generic_failure_msg($contact_name,$contact_email)); |
$r->print(&generic_failure_msg($contact_name,$contact_email)); |
} |
} |
unless ($formfields{'username'}) { |
unless ($formfields{'username'}) { |
Line 740 sub reset_passwd {
|
Line 800 sub reset_passwd {
|
if ($needscase) { |
if ($needscase) { |
$r->print(' '.&mt('User data entered must match LON-CAPA account information (including case).')); |
$r->print(' '.&mt('User data entered must match LON-CAPA account information (including case).')); |
} |
} |
$r->print(' '); |
$r->print('<br />'); |
|
} |
|
my ($min,$max,$minrule,$maxrule); |
|
if ($passwdconf->{min}) { |
|
$min = $passwdconf->{min}; |
|
} else { |
|
$min = $Apache::lonnet::passwdmin; |
|
} |
|
if ($min) { |
|
$minrule = &mt('Minimum password length: [_1]',$min); |
|
} |
|
if ($passwdconf->{max}) { |
|
$max = $passwdconf->{max}; |
|
$maxrule = &mt('Maximum password length: [_1]',$max); |
} |
} |
if (ref($passwdconf->{chars}) eq 'ARRAY') { |
if (ref($passwdconf->{chars}) eq 'ARRAY') { |
my %rules; |
my %rules; |
Line 757 sub reset_passwd {
|
Line 830 sub reset_passwd {
|
$r->print('<li>'.$rulenames{$poss}.'</li>'); |
$r->print('<li>'.$rulenames{$poss}.'</li>'); |
} |
} |
} |
} |
|
if ($min) { |
|
$r->print('<li>'.$minrule.'</li>'); |
|
} |
|
if ($max) { |
|
$r->print('<li>'.$maxrule.'</li>'); |
|
} |
$r->print('</ul>'); |
$r->print('</ul>'); |
} else { |
} else { |
$r->print(&mt('The new password must contain at least 7 characters.').' '); |
if ($min && $max) { |
|
$r->print(&mt('The new password must satisfy the following:').'<ul>'."\n". |
|
'<li>'.$minrule.'</li>'."\n". |
|
'<li>'.$maxrule.'</li>'."\n". |
|
'</ul>'."\n"); |
|
} elsif ($min) { |
|
$r->print($minrule.'<br />'); |
|
} elsif ($max) { |
|
$r->print($maxrule.'<br />'); |
|
} |
} |
} |
$r->print(&mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'<br />'); |
$r->print(&mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'<br />'); |
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields); |
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields); |
Line 767 sub reset_passwd {
|
Line 855 sub reset_passwd {
|
} else { |
} else { |
$r->print( |
$r->print( |
'<p class="LC_warning">' |
'<p class="LC_warning">' |
.&mt('Sorry, the token generated when you requested a password reset has expired. Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.' |
.&mt('Sorry, the token generated when you requested a password reset has expired.').'<br />' |
|
.&mt('Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.' |
,'<a href="/adm/resetpw">','</a>') |
,'<a href="/adm/resetpw">','</a>') |
.'</p>' |
.'</p>' |
); |
); |
Line 815 sub create_passwd {
|
Line 904 sub create_passwd {
|
} |
} |
|
|
sub display_actions { |
sub display_actions { |
my ($contact_email, $domdesc) = @_; |
my ($contact_email,$domdesc,$token) = @_; |
|
my $url = '/adm/resetpw'; |
|
if ($token) { |
|
$url .= '?token='.&escape($token); |
|
} |
my @msg = (&mt('[_1]Go back[_2] and try again', |
my @msg = (&mt('[_1]Go back[_2] and try again', |
'<a href="javascript:history.go(-1)">','</a>')); |
'<a href="'.$url.'">','</a>')); |
my $msg2 = ''; |
my $msg2 = ''; |
if ($contact_email ne '') { |
if ($contact_email ne '') { |
my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"'); |
my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"'); |