loncom/interface/resetpw.pm - diff

Return to resetpw.pm CVS log

Up to [LON-CAPA] / loncom / interface

Diff for /loncom/interface/resetpw.pm between versions 1.19 and 1.22.2.2

version 1.19, 2009/10/01 17:22:13	version 1.22.2.2, 2010/09/19 15:04:40
Line 26	Line 26
# http://www.lon-capa.org/	# http://www.lon-capa.org/
#	#
#	#

	=pod

	=head1 NAME

	Apache::resetpw: reset user password.

	=head1 SYNOPSIS

	Handles resetting of forgotten passwords.

	This is part of the LearningOnline Network with CAPA project
	described at http://www.lon-capa.org.

	=head1 OVERVIEW

	A user with an e-mail address associated with his/her LON-CAPA username
	can reset a forgotten password, using a link sent to the e-mail address
	if the authentication type for the account is "internal".

	=cut

package Apache::resetpw;	package Apache::resetpw;

use strict;	use strict;
Line 53 sub handler {	Line 75 sub handler {

my @emailtypes = ('permanentemail','critnotification','notification');	my @emailtypes = ('permanentemail','critnotification','notification');
my $uname = &unescape($env{'form.uname'});	my $uname = &unescape($env{'form.uname'});
	my $useremail = $env{'form.useremail'};
my $udom = $env{'form.udom'};	my $udom = $env{'form.udom'};
my $token = $env{'form.token'};	my $token = $env{'form.token'};
	my $case_change;
my $start_page =	my $start_page =
&Apache::loncommon::start_page('Reset password','',	&Apache::loncommon::start_page('Reset password','',
{	{
Line 66 sub handler {	Line 90 sub handler {
$output = &reset_passwd($r,$token,$contact_name,$contact_email);	$output = &reset_passwd($r,$token,$contact_name,$contact_email);
} elsif ($uname && $udom) {	} elsif ($uname && $udom) {
my $domdesc = &Apache::lonnet::domain($udom,'description');	my $domdesc = &Apache::lonnet::domain($udom,'description');
	my $homeserver = &Apache::lonnet::homeserver($uname,$udom);
	if ($homeserver eq 'no_host') {
	my $lc_uname = lc($uname);
	if ($lc_uname ne $uname) {
	$homeserver = &Apache::lonnet::homeserver($lc_uname,$udom);
	unless ($homeserver eq 'no_host') {
	$uname = $lc_uname;
	$useremail = lc($env{'form.useremail'});
	$case_change = 1;
	}
	}
	}
my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom);	my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom);
if ($authtype =~ /^internal/) {	if ($authtype =~ /^internal/) {
my $useremail = $env{'form.useremail'};
if ($useremail !~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {	if ($useremail !~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {
$output = &invalid_state('baduseremail',$domdesc,	$output = &invalid_state('baduseremail',$domdesc,
$contact_name,$contact_email);	$contact_name,$contact_email);
Line 87 sub handler {	Line 122 sub handler {
}	}
foreach my $item (@items) {	foreach my $item (@items) {
if ($item =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {	if ($item =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {
unless(grep(/^\Q$item\E$/,@allemails)) {	if ($case_change) {
push(@allemails,$item);	my $lcitem = lc($item);
	unless(grep(/^\Q$lcitem\E$/,@allemails)) {
	push(@allemails,$lcitem);
	}
	} else {
	unless(grep(/^\Q$item\E$/,@allemails)) {
	push(@allemails,$item);
	}
}	}
}	}
}	}
Line 126 sub handler {	Line 168 sub handler {
sub get_uname {	sub get_uname {
my ($defdom) = @_;	my ($defdom) = @_;
my %lt = &Apache::lonlocal::texthash(	my %lt = &Apache::lonlocal::texthash(
unam => 'username',	unam => 'LON-CAPA username',
udom => 'domain',	udom => 'LON-CAPA domain',
uemail => 'E-mail address in LON-CAPA',	uemail => 'E-mail address in LON-CAPA',
proc => 'Proceed');	proc => 'Proceed');

my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.');	my $msg = '<br />'.&mt('To be able to reset a forgotten password:')
$msg .= '<br /><br />'.&mt('Three conditions must be met:')
.'<ul><li>'.&mt('An e-mail address must have previously been associated with your LON-CAPA username.').'</li>'	.'<ul><li>'.&mt('An e-mail address must have previously been associated with your LON-CAPA username.').'</li>'
.'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>'	.'<li>'.&mt('You must be able to access e-mail sent to the e-mail address associated with your WebCenter account.').'</li></ul><br />'
.'<li>'.&mt('Your LON-CAPA account must be of a type for which LON-CAPA can reset a password.')	.&mt('In most cases the GCI WebCenter username is the same as your e-mail address, in which case you will enter the same information twice. ').'<br />';
.'</ul>';	$msg .= '
$msg .= qq\|
<form name="forgotpw" method="post">	<form name="forgotpw" method="post">
<table>	<table>
<tr><td>	<tr>
<tr><td align="left">LON-CAPA $lt{'unam'}: </td>	<td align="left">'.$lt{'unam'}.':</td>
<td><input type="text" name="uname" size="15" /></td></tr>	<td><input type="text" name="uname" size="30" />
<tr><td align="left">LON-CAPA $lt{'udom'}: </td>	<input type="hidden" name="udom" value="'.$defdom.'" /></td>
<td>\|;	</tr>
$msg .= &Apache::loncommon::select_dom_form($defdom,'udom');	<tr>
$msg .= qq\|</td></tr>	<td align="left">'.$lt{'uemail'}.':</td>
<tr><td align="left">$lt{'uemail'}: </td>	<td><input type="text" name="useremail" size="30" /></td>
<td><input type="text" name="useremail" size="30" /></td></tr>	</tr>
<tr><td colspan="2" align="left"><br />	<tr><td colspan="2" align="left"><br />
<input type="submit" value="$lt{'proc'}" /></td></tr>	<input type="submit" value="'.$lt{'proc'}.'" /></td>
	</tr>
</table>	</table>
</form>	</form>'."\n";
\|;
return $msg;	return $msg;
}	}

Line 180 sub send_token {	Line 220 sub send_token {
my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name,	my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name,
$contact_email);	$contact_email);
if ($result eq 'ok') {	if ($result eq 'ok') {
$msg .= &mt("An e-mail sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.<br /><br />The link included in the message will be valid for the next <b>two</b> hours.");	$msg .= &mt('An e-mail sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.').'<br /><br />'.&mt('The link included in the message will be valid for the next [_1]two[_2] hours.','<b>','</b>');
} else {	} else {
$msg .= &mt("An error occurred when sending a message to the e-mail address associated with your LON-CAPA account. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email);	$msg .= &mt('An error occurred when sending a message to the e-mail address associated with your LON-CAPA account. Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email);
}	}
} else {	} else {
$msg .= &mt("An error occurred creating a token required for the password reset process. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email);	$msg .= &mt('An error occurred creating a token required for the password reset process. Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email);
}	}
return $msg;	return $msg;
}	}
Line 254 sub reset_passwd {	Line 294 sub reset_passwd {
my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'});	my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'});
if ($now - $data{'time'} < 7200) {	if ($now - $data{'time'} < 7200) {
if ($env{'form.action'} eq 'verify_and_change_pass') {	if ($env{'form.action'} eq 'verify_and_change_pass') {
	my $homeserver = &Apache::lonnet::homeserver($env{'form.uname'},$env{'form.udom'});
	if ($homeserver eq 'no_host') {
	my $lc_uname = lc($env{'form.uname'});
	if ($lc_uname ne $env{'form.uname'}) {
	$homeserver = &Apache::lonnet::homeserver($lc_uname,$env{'form.udom'});
	unless ($homeserver eq 'no_host') {
	if ($env{'form.uname'} eq $env{'form.email'}) {
	$env{'form.email'} = $lc_uname;
	}
	$env{'form.uname'} = $lc_uname;
	}
	}
	}
	unless (($env{'form.uname'} eq $data{'username'}) && ($env{'form.udom'} eq $data{'domain'}) && ($env{'form.email'} eq $data{'email'})) {
	$msg = &generic_failure_msg($contact_name,$contact_email);
	return $msg;
	}
my $change_failed =	my $change_failed =
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);	&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);
if (!$change_failed) {	if (!$change_failed) {
Line 271 sub reset_passwd {	Line 328 sub reset_passwd {
}	}
$msg .= '<br /><br />'	$msg .= '<br /><br />'
.'<a href="/adm/login">'.&mt('Go to the login page').'</a>.';	.'<a href="/adm/login">'.&mt('Go to the login page').'</a>.';
	} elsif ($change_failed eq 'invalid_client') {
	my $homeserver = &Apache::lonnet::homeserver($data{'username'},$data{'domain'});
	if ($homeserver eq 'no_host') {
	$msg .= &generic_failure_msg($contact_name,$contact_email);
	} else {
	my $protocol = $Apache::lonnet::protocol{$homeserver};
	$protocol = 'http' if ($protocol ne 'https');
	my $url = $protocol.'://'.&Apache::lonnet::hostname($homeserver).
	'/adm/resetpw';
	my ($opentag,$closetag);
	if ($url) {
	$opentag = '<a href="'.$url.'">';
	$closetag = '</a>';
	}
	$msg .= &mt('A problem occurred when attempting to reset the password for your account. Please try again from your [_1]home server[_2].',$opentag,$closetag);
	}
} else {	} else {
$msg .= &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.'	$msg .= &generic_failure_msg($contact_name,$contact_email);
,$contact_name
,'<a href="mailto:'.$contact_email.'">'.$contact_email.'</a>');
}	}
} else {	} else {
$r->print(&mt('The token included in an e-mail sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'<br /><br />');	$r->print(&mt('The token included in an e-mail sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'<br />'.
$r->print(&mt('Please enter the username and domain of the LON-CAPA account, and the associated e-mail address, for which you are setting a password. The new password must contain at least 7 characters.').' '.&mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'<br />');	'<p>'.&mt('Please enter the username and domain of the LON-CAPA account, and the associated e-mail address, for which you are setting a password.').'<br />'.
	&mt('In most cases the GCI WebCenter username is the same as your e-mail address, in which case you will enter the same information twice.').'</p>'.
	'<p>'.&mt('The new password must contain at least 7 characters.').' '.
	&mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'<br /></p>');
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token);	&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token);
}	}
} else {	} else {
Line 292 sub reset_passwd {	Line 366 sub reset_passwd {
return $msg;	return $msg;
}	}

	sub generic_failure_msg {
	my ($contact_name,$contact_email) = @_;
	return &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.',
	$contact_name,'<a href="mailto:'.$contact_email.'">'.$contact_email.'</a>');
	}

sub create_passwd {	sub create_passwd {
my $passwd = '';	my $passwd = '';
my @letts = ("a".."z");	my @letts = ("a".."z");

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.19
changed lines
	Added in v.1.22.2.2