version 1.46, 2019/08/30 00:09:39
|
version 1.49, 2021/05/04 18:47:36
|
Line 300 END
|
Line 300 END
|
$output = &invalid_state('baddomain',$domdesc, |
$output = &invalid_state('baddomain',$domdesc, |
$contact_name,$contact_email); |
$contact_name,$contact_email); |
} elsif ($otherinst) { |
} elsif ($otherinst) { |
($header,$output) = &homeserver_redirect($uname,$udom,$domdesc,$brcrum); |
($header,$output) = &homeserver_redirect($r,$uname,$udom,$domdesc,$brcrum); |
} elsif (($uname) || ($useremail)) { |
} elsif (($uname) || ($useremail)) { |
my $earlyout; |
my $earlyout; |
unless ($passwdconf{'captcha'} eq 'unused') { |
unless ($passwdconf{'captcha'} eq 'unused') { |
Line 482 sub send_token {
|
Line 482 sub send_token {
|
|
|
my $now = time; |
my $now = time; |
my $temppasswd = &create_passwd(); |
my $temppasswd = &create_passwd(); |
my %info = ('ip' => $ENV{'REMOTE_ADDR'}, |
my $ip = &Apache::lonnet::get_requestor_ip(); |
|
my %info = ('ip' => $ip, |
'time' => $now, |
'time' => $now, |
'domain' => $udom, |
'domain' => $udom, |
'username' => $uname, |
'username' => $uname, |
Line 578 sub invalid_state {
|
Line 579 sub invalid_state {
|
} |
} |
|
|
sub homeserver_redirect { |
sub homeserver_redirect { |
my ($uname,$udom,$domdesc,$brcrum) = @_; |
my ($r,$uname,$udom,$domdesc,$brcrum) = @_; |
my $uhome; |
my $uhome; |
if (($uname ne '') && ($udom ne '')) { |
if (($uname ne '') && ($udom ne '')) { |
$uhome = &Apache::lonnet::homeserver($uname,$udom); |
$uhome = &Apache::lonnet::homeserver($uname,$udom); |
Line 589 sub homeserver_redirect {
|
Line 590 sub homeserver_redirect {
|
my $hostname = &Apache::lonnet::hostname($uhome); |
my $hostname = &Apache::lonnet::hostname($uhome); |
my $protocol = $Apache::lonnet::protocol{$uhome}; |
my $protocol = $Apache::lonnet::protocol{$uhome}; |
$protocol = 'http' if ($protocol ne 'https'); |
$protocol = 'http' if ($protocol ne 'https'); |
|
my $alias = &Apache::lonnet::use_proxy_alias($r,$uhome); |
|
$hostname = $alias if ($alias ne ''); |
my $url = $protocol.'://'.$hostname.'/adm/resetpw'; |
my $url = $protocol.'://'.$hostname.'/adm/resetpw'; |
# Breadcrumbs |
# Breadcrumbs |
my $start_page = &Apache::loncommon::start_page('Switching Server',undef, |
my $start_page = &Apache::loncommon::start_page('Switching Server',undef, |
Line 639 sub reset_passwd {
|
Line 642 sub reset_passwd {
|
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
} |
} |
} else { |
} else { |
unless ((lc($env{'form.uname'}) eq lc($data{'username'})) && (lc($env{'form.udom'}) eq lc($data{'domain'}))) { |
if ((lc($env{'form.uname'}) eq lc($data{'username'})) && (lc($env{'form.udom'}) eq lc($data{'domain'}))) { |
|
$env{'form.uname'} = $data{'username'}; |
|
} else { |
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| "; |
} |
} |
} |
} |
Line 661 sub reset_passwd {
|
Line 666 sub reset_passwd {
|
} |
} |
if ($invalidinfo) { |
if ($invalidinfo) { |
&Apache::lonnet::logthis("Forgot Password -- token data: ||$data{'username'}|| ||$data{'domain'}|| ||$data{'email'}|| differs from form: $invalidinfo"); |
&Apache::lonnet::logthis("Forgot Password -- token data: ||$data{'username'}|| ||$data{'domain'}|| ||$data{'email'}|| differs from form: $invalidinfo"); |
$r->print(&generic_failure_msg($contact_name,$contact_email)); |
my $retry; |
|
$r->print( |
|
'<p class="LC_warning">' |
|
.&mt('A problem occurred when attempting to reset' |
|
.' the password for your account.').'</p>'); |
|
if (($formfields{'username'}) && ($formfields{'email'})) { |
|
if ($needscase) { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct username and e-mail address, ' |
|
.'including the correct lower and/or upper case letters') |
|
.'</p>'); |
|
} else { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct username and e-mail address.') |
|
.'</p>'); |
|
} |
|
$retry = 1; |
|
} elsif ($formfields{'username'}) { |
|
if ($needscase) { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct username, ' |
|
.'including the correct lower and/or upper case letters') |
|
.'</p>'); |
|
} else { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct username.') |
|
.'</p>'); |
|
} |
|
$retry = 1; |
|
} elsif ($formfields{'email'}) { |
|
if ($needscase) { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct e-mail address, ' |
|
.'including the correct lower and/or upper case letters') |
|
.'</p>'); |
|
} else { |
|
$r->print('<p>' |
|
.&mt('Please verify you entered the correct e-mail address.') |
|
.'</p>'); |
|
} |
|
$retry = 1; |
|
} |
|
if ($retry) { |
|
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields); |
|
} else { |
|
$r->print(&generic_failure_msg($contact_name,$contact_email)); |
|
} |
unless ($formfields{'username'}) { |
unless ($formfields{'username'}) { |
delete($env{'form.uname'}); |
delete($env{'form.uname'}); |
delete($env{'form.udom'}); |
delete($env{'form.udom'}); |
Line 669 sub reset_passwd {
|
Line 720 sub reset_passwd {
|
return; |
return; |
} |
} |
my $change_failed = |
my $change_failed = |
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token); |
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token,$timelimit,\%formfields); |
if (!$change_failed) { |
if (!$change_failed) { |
my $delete = &Apache::lonnet::tmpdel($token); |
my $delete = &Apache::lonnet::tmpdel($token); |
my $now = &Apache::lonlocal::locallocaltime(time); |
my $now = &Apache::lonlocal::locallocaltime(time); |
my $domdesc = |
my $domdesc = |
&Apache::lonnet::domain($data{'domain'},'description'); |
&Apache::lonnet::domain($data{'domain'},'description'); |
my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; |
my $ip = &Apache::lonnet::get_requestor_ip(); |
|
my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ip,$contact_name,$contact_email)."\n"; |
my $result = &send_mail($domdesc,$data{'email'},$mailmsg, |
my $result = &send_mail($domdesc,$data{'email'},$mailmsg, |
$contact_name,$contact_email); |
$contact_name,$contact_email); |
my $confirm_msg; |
my $confirm_msg; |
Line 705 sub reset_passwd {
|
Line 757 sub reset_passwd {
|
my $hostname = &Apache::lonnet::hostname($homeserver); |
my $hostname = &Apache::lonnet::hostname($homeserver); |
my $protocol = $Apache::lonnet::protocol{$homeserver}; |
my $protocol = $Apache::lonnet::protocol{$homeserver}; |
$protocol = 'http' if ($protocol ne 'https'); |
$protocol = 'http' if ($protocol ne 'https'); |
|
my $alias = &Apache::lonnet::use_proxy_alias($r,$homeserver); |
|
$hostname = $alias if ($alias ne ''); |
my $url = $protocol.'://'.$hostname.'/adm/resetpw'; |
my $url = $protocol.'://'.$hostname.'/adm/resetpw'; |
my ($opentag,$closetag); |
my ($opentag,$closetag); |
if ($url) { |
if ($url) { |
Line 729 sub reset_passwd {
|
Line 783 sub reset_passwd {
|
.'</p>' |
.'</p>' |
.&display_actions($contact_email,$domdesc,$token) |
.&display_actions($contact_email,$domdesc,$token) |
); |
); |
} else { |
} elsif (($change_failed eq 'internalerror') || ($change_failed eq 'missingtemp') || |
|
($change_failed eq 'error')) { |
$r->print(&generic_failure_msg($contact_name,$contact_email)); |
$r->print(&generic_failure_msg($contact_name,$contact_email)); |
} |
} |
unless ($formfields{'username'}) { |
unless ($formfields{'username'}) { |
Line 749 sub reset_passwd {
|
Line 804 sub reset_passwd {
|
if ($needscase) { |
if ($needscase) { |
$r->print(' '.&mt('User data entered must match LON-CAPA account information (including case).')); |
$r->print(' '.&mt('User data entered must match LON-CAPA account information (including case).')); |
} |
} |
$r->print(' '); |
$r->print('<br />'); |
|
} |
|
my ($min,$max,$minrule,$maxrule); |
|
if ($passwdconf->{min}) { |
|
$min = $passwdconf->{min}; |
|
} else { |
|
$min = $Apache::lonnet::passwdmin; |
|
} |
|
if ($min) { |
|
$minrule = &mt('Minimum password length: [_1]',$min); |
|
} |
|
if ($passwdconf->{max}) { |
|
$max = $passwdconf->{max}; |
|
$maxrule = &mt('Maximum password length: [_1]',$max); |
} |
} |
if (ref($passwdconf->{chars}) eq 'ARRAY') { |
if (ref($passwdconf->{chars}) eq 'ARRAY') { |
my %rules; |
my %rules; |
Line 766 sub reset_passwd {
|
Line 834 sub reset_passwd {
|
$r->print('<li>'.$rulenames{$poss}.'</li>'); |
$r->print('<li>'.$rulenames{$poss}.'</li>'); |
} |
} |
} |
} |
|
if ($min) { |
|
$r->print('<li>'.$minrule.'</li>'); |
|
} |
|
if ($max) { |
|
$r->print('<li>'.$maxrule.'</li>'); |
|
} |
$r->print('</ul>'); |
$r->print('</ul>'); |
} else { |
} else { |
$r->print(&mt('The new password must contain at least 7 characters.').' '); |
if ($min && $max) { |
|
$r->print(&mt('The new password must satisfy the following:').'<ul>'."\n". |
|
'<li>'.$minrule.'</li>'."\n". |
|
'<li>'.$maxrule.'</li>'."\n". |
|
'</ul>'."\n"); |
|
} elsif ($min) { |
|
$r->print($minrule.'<br />'); |
|
} elsif ($max) { |
|
$r->print($maxrule.'<br />'); |
|
} |
} |
} |
$r->print(&mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'<br />'); |
$r->print(&mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'<br />'); |
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields); |
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields); |
Line 776 sub reset_passwd {
|
Line 859 sub reset_passwd {
|
} else { |
} else { |
$r->print( |
$r->print( |
'<p class="LC_warning">' |
'<p class="LC_warning">' |
.&mt('Sorry, the token generated when you requested a password reset has expired. Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.' |
.&mt('Sorry, the token generated when you requested a password reset has expired.').'<br />' |
|
.&mt('Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.' |
,'<a href="/adm/resetpw">','</a>') |
,'<a href="/adm/resetpw">','</a>') |
.'</p>' |
.'</p>' |
); |
); |