--- loncom/interface/resetpw.pm	2006/10/23 21:22:51	1.1
+++ loncom/interface/resetpw.pm	2006/10/23 21:40:31	1.2
@@ -32,7 +32,6 @@ use Apache::lonacc;
 use Apache::lonnet;
 use Apache::loncommon;
 use Apache::lonlocal;
-use lib '/home/httpd/lib/perl/';
 use LONCAPA;
 
 sub handler {
@@ -56,9 +55,8 @@ sub handler {
     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);
     
     my @emailtypes = ('permanentemail','critnotification','notification');
-    my $uname = $env{'form.uname'};
+    my $uname = &unescape($env{'form.uname'});
     my $udom = $env{'form.udom'};
-    $uname =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
     my $token = $env{'form.token'};
     $r->print(&mt('<h3>Reset forgotten LON-CAPA password</h3>'));
     my $output;
@@ -123,6 +121,7 @@ sub get_uname {
 <tr><td colspan="2" align="left"><br />
     <input type="button" value="$lt{'proc'}" onClick="document.forgotpw.submit()"></td></tr>
 </table>
+</form>
 |;
     return $msg;
 }
@@ -136,17 +135,16 @@ sub send_token {
 
     my $now = time;
     my $temppasswd = &create_passwd();
-    my %info = ('ip'  => $ENV{'REMOTE_ADDR'},
-              'time'     => $now,
-              'domain'   => $udom,
-              'username' => $uname,
-              'email'    => $email,
-              'temppasswd' => $temppasswd);
+    my %info = ('ip'         => $ENV{'REMOTE_ADDR'},
+		'time'       => $now,
+		'domain'     => $udom,
+		'username'   => $uname,
+		'email'      => $email,
+		'temppasswd' => $temppasswd);
 
     my $token = &Apache::lonnet::tmpput(\%info,$server);
     if ($token !~ /^error/) {
-        my $esc_token = $token;
-        $esc_token =~ s/(\W)/"%".unpack('H2',$1)/eg;
+        my $esc_token = &escape($token);
         my $mailmsg = "A request was submitted on ".localtime(time)." for a reset of the ".
              "password for your LON-CAPA account.".
              "To complete this process please open a web browser and enter the following ".
@@ -222,7 +220,7 @@ sub reset_passwd {
         if ($now - $data{'time'} < 7200) {
             if ($env{'form.action'} eq 'verify_and_change_pass') {
                 my $change_failed = 
-  &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);
+		    &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);
                 if (!$change_failed) {
                     my $delete = &Apache::lonnet::tmpdel($token);
                     my $now = localtime(time);
@@ -256,18 +254,18 @@ sub reset_passwd {
 
 sub create_passwd {
     my $passwd = '';
-    my @letts = ("a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z");
+    my @letts = ("a".."z");
     for (my $i=0; $i<8; $i++) {
-        my $lettnum = int (rand 2);
+        my $lettnum = int(rand(2));
         my $item = '';
         if ($lettnum) {
-            $item = $letts[int( rand(26) )];
-            my $uppercase = int(rand 2);
+            $item = $letts[int(rand(26))];
+            my $uppercase = int(rand(2));
             if ($uppercase) {
                 $item =~ tr/a-z/A-Z/;
             }
         } else {
-            $item = int( rand(10) );
+            $item = int(rand(10));
         }
         $passwd .= $item;
     }