--- loncom/interface/resetpw.pm 2012/02/14 15:48:55 1.23.2.2.2.3 +++ loncom/interface/resetpw.pm 2013/08/17 00:34:29 1.36 @@ -1,7 +1,7 @@ # The LearningOnline Network # Allow access to password changing via a token sent to user's e-mail. # -# $Id: resetpw.pm,v 1.23.2.2.2.3 2012/02/14 15:48:55 raeburn Exp $ +# $Id: resetpw.pm,v 1.36 2013/08/17 00:34:29 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -66,9 +66,13 @@ sub handler { return OK; } my $contact_name = &mt('LON-CAPA helpdesk'); - my $contact_email = $r->dir_config('lonSupportEMail'); + my $origmail = $r->dir_config('lonSupportEMail'); my $server = $r->dir_config('lonHostID'); my $defdom = &Apache::lonnet::default_login_domain(); + my $contacts = + &Apache::loncommon::build_recipient_list(undef,'helpdeskmail', + $defdom,$origmail); + my ($contact_email) = split(',',$contacts); my $handle = &Apache::lonnet::check_for_valid_session($r); my $lonidsdir=$r->dir_config('lonIDsDir'); if ($handle ne '') { @@ -80,23 +84,17 @@ sub handler { } &Apache::lonacc::get_posted_cgi($r); &Apache::lonlocal::get_language_handle($r); - &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token', - 'uname','useremail','referrer']); + &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']); my @emailtypes = ('permanentemail','critnotification','notification'); - my $uname = $env{'form.uname'}; - my $useremail = $env{'form.useremail'}; + my $uname = &unescape($env{'form.uname'}); my $udom = $env{'form.udom'}; my $token = $env{'form.token'}; - my $case_change; my $brcrum = []; - my $bread_crumbs_component = 'Forgotten Password'; if ($token) { push (@{$brcrum}, {href => '/adm/resetpw', text => 'Update Password'}); - - $bread_crumbs_component = 'Reset Password'; } else { push (@{$brcrum}, {href => '/adm/resetpw', @@ -107,30 +105,17 @@ sub handler { text => 'Result'}); } } - my $args = {bread_crumbs => $brcrum, - bread_crumbs_component => $bread_crumbs_component, - 'no_inline_link' => 1}; + my $args = {bread_crumbs => $brcrum}; $r->print(&Apache::loncommon::start_page('Reset password','',$args)); - $r->print('

'.&mt('Reset forgotten LON-CAPA password').'

'); + $r->print('

'.&mt('Reset forgotten LON-CAPA password').'

'); my $output; if ($token) { $output = &reset_passwd($r,$token,$contact_name,$contact_email); - } elsif ($uname && $udom && ($env{'form.referrer'} ne 'createaccount')) { + } elsif ($uname && $udom) { my $domdesc = &Apache::lonnet::domain($udom,'description'); - my $homeserver = &Apache::lonnet::homeserver($uname,$udom); - if ($homeserver eq 'no_host') { - my $lc_uname = lc($uname); - if ($lc_uname ne $uname) { - $homeserver = &Apache::lonnet::homeserver($lc_uname,$udom); - unless ($homeserver eq 'no_host') { - $uname = $lc_uname; - $useremail = lc($env{'form.useremail'}); - $case_change = 1; - } - } - } my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom); if ($authtype =~ /^internal/) { + my $useremail = $env{'form.useremail'}; if ($useremail !~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) { $output = &invalid_state('baduseremail',$domdesc, $contact_name,$contact_email); @@ -149,15 +134,8 @@ sub handler { } foreach my $item (@items) { if ($item =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) { - if ($case_change) { - my $lcitem = lc($item); - unless(grep(/^\Q$lcitem\E$/,@allemails)) { - push(@allemails,$lcitem); - } - } else { - unless(grep(/^\Q$item\E$/,@allemails)) { - push(@allemails,$item); - } + unless(grep(/^\Q$item\E$/,@allemails)) { + push(@allemails,$item); } } } @@ -185,7 +163,7 @@ sub handler { $contact_name,$contact_email); } } else { - $output = &get_uname($defdom,$uname,$useremail); + $output = &get_uname($defdom); } $r->print($output); $r->print(&Apache::loncommon::end_page()); @@ -193,42 +171,41 @@ sub handler { } sub get_uname { - my ($defdom,$uname,$useremail) = @_; + my ($defdom) = @_; my %lt = &Apache::lonlocal::texthash( - unam => 'username', - udom => 'domain', + unam => 'LON-CAPA username', + udom => 'LON-CAPA domain', uemail => 'E-mail address in LON-CAPA', proc => 'Proceed'); - my %value; - if ($env{'form.referrer'} eq 'createaccount') { - $value{'uname'} = $uname; - $value{'useremail'} = $useremail; - } - if ($env{'form.referrer'} eq 'createaccount') { - $value{'uname'} = $uname; - $value{'useremail'} = $useremail; - } - my $msg = '
'.&mt('To be able to reset a forgotten password:') - .'
' - .&mt('In most cases the [_1] username is the same as your e-mail address, in which case you will enter the same information twice.','Mechanics Online').'

'; + + my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.'); + $msg .= '

'.&mt('Three conditions must be met:') + .''; $msg .= '
'. - &Apache::lonhtmlcommon::start_pick_box(). - &Apache::lonhtmlcommon::row_title('Mechanics Online '.$lt{'unam'}). - ''. - ''. + &Apache::lonhtmlcommon::start_pick_box(). + &Apache::lonhtmlcommon::row_title($lt{'unam'}). + ''. + &Apache::lonhtmlcommon::row_closure(1). + &Apache::lonhtmlcommon::row_title($lt{'udom'}). + &Apache::loncommon::select_dom_form($defdom,'udom'). &Apache::lonhtmlcommon::row_closure(1). &Apache::lonhtmlcommon::row_title($lt{'uemail'}). - ''. + ''. &Apache::lonhtmlcommon::end_pick_box(). - '

'."\n"; + '

'; return $msg; } sub send_token { my ($uname,$udom,$email,$server,$domdesc,$contact_name, $contact_email) = @_; - my $msg = &mt('Thank you for your request to reset the password for your LON-CAPA account.').'

'; + my $msg = + '

' + .&mt('Thank you for your request to reset the password for your LON-CAPA account.') + .'

'; my $now = time; my $temppasswd = &create_passwd(); @@ -248,25 +225,35 @@ sub send_token { my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name, $contact_email); if ($result eq 'ok') { - $msg .= &mt('An e-mail sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.').'

'.&mt('The link included in the message will be valid for the next [_1]two[_2] hours.','',''); + $msg .= + &mt('An e-mail sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.') + .'

' + .&mt('The link included in the message will be valid for the next [_1]two[_2] hours.','',''); } else { - $msg .= &mt("An error occurred when sending a message to the e-mail address associated with your LON-CAPA account. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email); + $msg .= + '

' + .&mt('An error occurred when sending a message to the e-mail address' + .' associated with your LON-CAPA account.') + .'

' + .&display_actions($contact_email,$domdesc); } } else { - $msg .= &mt("An error occurred creating a token required for the password reset process. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email); + $msg .= + '

' + .&mt('An error occurred creating a token required for the' + .' password reset process.') + .'

' + .&display_actions($contact_email,$domdesc); } return $msg; } sub send_mail { - my ($domdesc,$email,$mailmsg,$contact_name,$contact_email,$subject) = @_; - if ($subject eq '') { - $subject = &mt('Your LON-CAPA account'); - } + my ($domdesc,$email,$mailmsg,$contact_name,$contact_email) = @_; my $outcome; my $requestmail = "To: $email\n". "From: $contact_name <$contact_email>\n". - "Subject: $subject\n". + "Subject: ".&mt('Your LON-CAPA account')."\n". "Content-type: text/plain\;charset=UTF-8\n". "\n\n".$mailmsg."\n\n". &mt('[_1] LON-CAPA support team',$domdesc)."\n". @@ -285,8 +272,12 @@ sub invalid_state { my ($error,$domdesc,$contact_name,$contact_email) = @_; my $msg; if ($error eq 'invalid') { - $msg = '

'.&mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc) - .'

'.&mt('Please [_1]go back[_2] and try again.','',''); + $msg = + '

' + .&mt('The username you provided was not verified as a valid username' + .' in the LON-CAPA system for the [_1] domain.',''.$domdesc.'') + .'

'; + $msg .= &display_actions($contact_email,$domdesc); } else { if ($error eq 'baduseremail') { $msg = &mt('The e-mail address you provided does not appear to be a valid address.'); @@ -297,14 +288,8 @@ sub invalid_state { } elsif ($error eq 'authentication') { $msg = &mt('The username you provided uses an authentication type which can not be reset directly via LON-CAPA.'); } - $msg = '

'.$msg.'

'; - if ($contact_email ne '') { - my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"'); - $msg .= '
'.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for the [_3] domain.' - ,'','',$domdesc); - } else { - $msg .= '
'.&mt('You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc); - } + $msg = '

'.$msg.'

' + .&display_actions($contact_email,$domdesc); } return $msg; } @@ -327,19 +312,6 @@ sub reset_passwd { my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'}); if ($now - $data{'time'} < 7200) { if ($env{'form.action'} eq 'verify_and_change_pass') { - my $homeserver = &Apache::lonnet::homeserver($env{'form.uname'},$env{'form.udom'}); - if ($homeserver eq 'no_host') { - my $lc_uname = lc($env{'form.uname'}); - if ($lc_uname ne $env{'form.uname'}) { - $homeserver = &Apache::lonnet::homeserver($lc_uname,$env{'form.udom'}); - unless ($homeserver eq 'no_host') { - if ($env{'form.uname'} eq $env{'form.email'}) { - $env{'form.email'} = $lc_uname; - } - $env{'form.uname'} = $lc_uname; - } - } - } unless (($env{'form.uname'} eq $data{'username'}) && ($env{'form.udom'} eq $data{'domain'}) && ($env{'form.email'} eq $data{'email'})) { $msg = &generic_failure_msg($contact_name,$contact_email); return $msg; @@ -354,13 +326,24 @@ sub reset_passwd { my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; my $result = &send_mail($domdesc,$data{'email'},$mailmsg, $contact_name,$contact_email); + my $confirm_msg; if ($result eq 'ok') { - $msg .= &mt('An e-mail confirming setting of the password for your LON-CAPA account has been sent to [_1].',$data{'email'}); + $confirm_msg = + &Apache::lonhtmlcommon::confirm_success( + &mt('An e-mail confirming setting of the password' + .' for your LON-CAPA account has been sent to [_1].' + ,''.$data{'email'}.'')); } else { - $msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'}); + $confirm_msg = + &Apache::lonhtmlcommon::confirm_success( + &mt('An error occurred when sending e-mail to [_1]' + .' confirming setting of your new password.' + ,''.$data{'email'}.''),1); } - $msg .= '

' - .''.&mt('Go to the login page').'.'; + $msg .= + &Apache::loncommon::confirmwrapper($confirm_msg) + .&Apache::lonhtmlcommon::actionbox([ + ''.&mt('Go to the login page').'']); } elsif ($change_failed eq 'invalid_client') { my $homeserver = &Apache::lonnet::homeserver($data{'username'},$data{'domain'}); if ($homeserver eq 'no_host') { @@ -375,34 +358,48 @@ sub reset_passwd { $opentag = ''; $closetag = ''; } - $msg .= &mt('A problem occurred when attempting to reset the password for your account. Please try again from your [_1]home server[_2].',$opentag,$closetag); + $msg .= + '

' + .&mt('A problem occurred when attempting to reset' + .' the password for your account.' + .' Please try again from your [_1]home server[_2].' + ,$opentag,$closetag) + .'

'; } } else { $msg .= &generic_failure_msg($contact_name,$contact_email); } } else { - $r->print(&mt('The token included in an e-mail sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'
'. - '

'.&mt('Please enter the username and domain of the LON-CAPA account, and the associated e-mail address, for which you are setting a password.').'
'. - &mt('In most cases the [_1] username is the same as your e-mail address, in which case you will enter the same information twice.','Mechanics Online').'

'. - '

'.&mt('The new password must contain at least 7 characters.').' '. - &mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'

'); + $r->print(&mt('The token included in an e-mail sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'

'); + $r->print(&mt('Please enter the username and domain of the LON-CAPA account, and the associated e-mail address, for which you are setting a password. The new password must contain at least 7 characters.').' '.&mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'
'); &Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token); } } else { - $msg = &mt('Sorry, the token generated when you requested a password reset has expired. Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.' - ,'',''); + $msg = + '

' + .&mt('Sorry, the token generated when you requested a password reset has expired. Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.' + ,'','') + .'

'; } } else { - $msg .= &mt('Sorry, the URL generated when you requested reset of your password contained incomplete information. Please submit a [_1]new request[_2] for a password reset, and use the new URL that will be sent to your e-mail account to complete the process.' - ,'',''); + $msg .= + '

' + .&mt('Sorry, the URL generated when you requested reset of your password contained incomplete information. Please submit a [_1]new request[_2] for a password reset, and use the new URL that will be sent to your e-mail account to complete the process.' + ,'','') + .'

'; } return $msg; } sub generic_failure_msg { my ($contact_name,$contact_email) = @_; - return &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.', - $contact_name,''.$contact_email.''); + return + '

' + .&mt('A problem occurred when attempting to reset the password for your account.') + .'
' + .&mt('Please contact the [_1] ([_2]) for assistance.', + $contact_name,''.$contact_email.'') + .'

'; } sub create_passwd { @@ -425,4 +422,28 @@ sub create_passwd { return ($passwd); } +sub display_actions { + my ($contact_email, $domdesc) = @_; + my @msg = (&mt('[_1]Go back[_2] and try again', + '','')); + my $msg2 = ''; + if ($contact_email ne '') { + my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"'); + push(@msg, &mt('Contact the [_1]LON-CAPA helpdesk[_2] for the institution: [_3]', + '', + '',''.$domdesc.'')); + } else { + $msg2 = + '

' + .&mt('You may wish to send an e-mail to the' + .' server administrator: [_1] for the [_2] domain.', + ''.$Apache::lonnet::perlvar{'AdmEMail'}.'', + ''.$domdesc.'') + .'

'; + } + + return &Apache::lonhtmlcommon::actionbox(\@msg).$msg2; + +} + 1;