Diff for /loncom/interface/resetpw.pm between versions 1.1 and 1.8

version 1.1, 2006/10/23 21:22:51 version 1.8, 2008/01/25 16:46:50
Line 32  use Apache::lonacc; Line 32  use Apache::lonacc;
 use Apache::lonnet;  use Apache::lonnet;
 use Apache::loncommon;  use Apache::loncommon;
 use Apache::lonlocal;  use Apache::lonlocal;
 use lib '/home/httpd/lib/perl/';  
 use LONCAPA;  use LONCAPA;
   
 sub handler {  sub handler {
Line 56  sub handler { Line 55  sub handler {
     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);      &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);
           
     my @emailtypes = ('permanentemail','critnotification','notification');      my @emailtypes = ('permanentemail','critnotification','notification');
     my $uname = $env{'form.uname'};      my $uname = &unescape($env{'form.uname'});
     my $udom = $env{'form.udom'};      my $udom = $env{'form.udom'};
     $uname =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;  
     my $token = $env{'form.token'};      my $token = $env{'form.token'};
     $r->print(&mt('<h3>Reset forgotten LON-CAPA password</h3>'));      $r->print(&mt('<h3>'.&mt('Reset forgotten LON-CAPA password').'</h3>'));
     my $output;      my $output;
     if ($token) {      if ($token) {
         $output = &reset_passwd($r,$token,$contact_name,$contact_email);          $output = &reset_passwd($r,$token,$contact_name,$contact_email);
     } elsif ($uname && $udom) {      } elsif ($uname && $udom) {
         my $domdesc = $Apache::lonnet::domaindescription{$udom};          my $domdesc = &Apache::lonnet::domain($udom,'description');
         my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom);          my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom);
         if ($authtype =~ /^internal/) {          if ($authtype =~ /^internal/) {
             my %userinfo =               my $useremail = $env{'form.useremail'};
             &Apache::lonnet::get('environment',\@emailtypes,$udom,$uname);              if ($useremail !~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {
             my $email = '';                  $output = &invalid_state('baduseremail',$domdesc,
             my $emailtarget;  
             foreach my $type (@emailtypes) {  
                 $email = $userinfo{$type};  
                 if ($email =~ /[^\@]+\@[^\@]+/) {  
                     $emailtarget = $type;   
                     last;  
                 }  
             }  
             if ($email =~ /[^\@]+\@[^\@]+/) {  
                 $output = &send_token($uname,$udom,$email,$server,$domdesc,  
                                       $contact_name,$contact_email);  
             } else {  
                 $output = &invalid_state('missing',$domdesc,  
                                          $contact_name,$contact_email);                                           $contact_name,$contact_email);
               } else {
                   my %userinfo = 
       &Apache::lonnet::get('environment',\@emailtypes,
    $udom,$uname);
                   my $email = '';
                   my $emailtarget;
                   foreach my $type (@emailtypes) {
                       $email = $userinfo{$type};
                       if ($email =~ /[^\@]+\@[^\@]+/) {
                           $emailtarget = $type; 
                           last;
                       }
                   }
                   if ($email =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {
                       if ($useremail eq $email) {
                           $output = &send_token($uname,$udom,$email,$server,
                                                 $domdesc,$contact_name,
                                                 $contact_email);
                       } else {
                           $output = &invalid_state('mismatch',$domdesc,
                                                    $contact_name,
                                                    $contact_email);
                       }
                   } else {
                       $output = &invalid_state('missing',$domdesc,
                                                $contact_name,$contact_email);
                   }
             }              }
         } elsif ($authtype =~ /^(krb|unix|local)/) {           } elsif ($authtype =~ /^(krb|unix|local)/) { 
             $output = &invalid_state('authentication',$domdesc,              $output = &invalid_state('authentication',$domdesc,
Line 106  sub get_uname { Line 118  sub get_uname {
     my %lt = &Apache::lonlocal::texthash(      my %lt = &Apache::lonlocal::texthash(
                                          unam => 'username',                                           unam => 'username',
                                          udom => 'domain',                                           udom => 'domain',
                                            uemail => 'Email address in LON-CAPA',
                                          proc => 'Proceed');                                           proc => 'Proceed');
   
     my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password.  However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.');      my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password.  However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.');
     $msg .= '<br /><br />'.&mt('Three conditions must be met:<ul><li>An e-mail address must have previously been associated with your LON-CAPA username.</li><li>You must be able to access e-mail sent to that address.</li><li>Your account must be of a type for which LON-CAPA can reset a password.</ul>');      $msg .= '<br /><br />'.&mt('Three conditions must be met:')
              .'<ul><li>'.&mt('An e-mail address must have previously been associated with your LON-CAPA username.').'</li>'
              .'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>'
              .'<li>'.&mt('Your LON-CAPA account must be of a type for which LON-CAPA can reset a password.')
              .'</ul>';
     $msg .= qq|      $msg .= qq|
 <form name="forgotpw" method="post">  <form name="forgotpw" method="post">
 <table>  <table>
 <tr><td>  <tr><td>
 <tr><td align="left">LON-CAPA $lt{'unam'}:                      </td>  <tr><td align="left">LON-CAPA $lt{'unam'}:                      </td>
     <td><input type="text" name="uname" size="10"  /> </td></tr>      <td><input type="text" name="uname" size="15"  /> </td></tr>
 <tr><td align="left">LON-CAPA $lt{'udom'}:                      </td>  <tr><td align="left">LON-CAPA $lt{'udom'}:                      </td>
     <td>|;      <td>|;
     $msg .= &Apache::loncommon::select_dom_form($defdom,'udom');      $msg .= &Apache::loncommon::select_dom_form($defdom,'udom');
     $msg .= qq|</td></tr>      $msg .= qq|</td></tr>
   <tr><td align="left">$lt{'uemail'}:                             </td>
       <td><input type="text" name="useremail" size="30"  /></td></tr>
 <tr><td colspan="2" align="left"><br />  <tr><td colspan="2" align="left"><br />
     <input type="button" value="$lt{'proc'}" onClick="document.forgotpw.submit()"></td></tr>      <input type="button" value="$lt{'proc'}" onClick="document.forgotpw.submit()"></td></tr>
 </table>  </table>
   </form>
 |;  |;
     return $msg;      return $msg;
 }  }
Line 130  sub get_uname { Line 150  sub get_uname {
 sub send_token {  sub send_token {
     my ($uname,$udom,$email,$server,$domdesc,$contact_name,      my ($uname,$udom,$email,$server,$domdesc,$contact_name,
         $contact_email) = @_;          $contact_email) = @_;
 #    my $token = MD5->hexhash(MD5->hexhash(time.{}.rand().$$));  
     my $msg = &mt('Thank you for your request to reset the password for your      my $msg = &mt('Thank you for your request to reset the password for your
         LON-CAPA account.').'<br /><br />';          LON-CAPA account.').'<br /><br />';
   
     my $now = time;      my $now = time;
     my $temppasswd = &create_passwd();      my $temppasswd = &create_passwd();
     my %info = ('ip'  => $ENV{'REMOTE_ADDR'},      my %info = ('ip'         => $ENV{'REMOTE_ADDR'},
               'time'     => $now,   'time'       => $now,
               'domain'   => $udom,   'domain'     => $udom,
               'username' => $uname,   'username'   => $uname,
               'email'    => $email,   'email'      => $email,
               'temppasswd' => $temppasswd);   'temppasswd' => $temppasswd);
   
     my $token = &Apache::lonnet::tmpput(\%info,$server);      my $token = &Apache::lonnet::tmpput(\%info,$server,'resetpw');
     if ($token !~ /^error/) {      if ($token !~ /^error/ && $token ne 'no_such_host') {
         my $esc_token = $token;          my $esc_token = &escape($token);
         $esc_token =~ s/(\W)/"%".unpack('H2',$1)/eg;  
         my $mailmsg = "A request was submitted on ".localtime(time)." for a reset of the ".          my $mailmsg = "A request was submitted on ".localtime(time)." for a reset of the ".
              "password for your LON-CAPA account.".               "password for your LON-CAPA account.".
              "To complete this process please open a web browser and enter the following ".               "To complete this process please open a web browser and enter the following ".
Line 154  sub send_token { Line 172  sub send_token {
         my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name,          my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name,
                                 $contact_email);                                  $contact_email);
         if ($result eq 'ok') {          if ($result eq 'ok') {
             $msg .= &mt("An e-mail message sent to <b>$email</b> includes the web address for the link you should use to complete the reset process.<br /><br />The link included in the message will be valid for the next <b>two</b> hours.");              $msg .= &mt("An e-mail message sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.<br /><br />The link included in the message will be valid for the next <b>two</b> hours.");
         } else {          } else {
             $msg .= ("An error occurred when sending e-mail to $email with information about the reset process. Please contact the $contact_name ($contact_email) for assistance.");              $msg .= &mt("An error occurred when sending a message to the e-mail address associated with your LON-CAPA account. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email);
         }          }
     } else {      } else {
         $msg .= &mt("An error occurred creating a token required for the password reset process. Please contact the $contact_name ($contact_email) for assistance.");          $msg .= &mt("An error occurred creating a token required for the password reset process. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email);
     }      }
     return $msg;      return $msg;
 }  }
Line 187  sub invalid_state { Line 205  sub invalid_state {
     my ($error,$domdesc,$contact_name,$contact_email) = @_;      my ($error,$domdesc,$contact_name,$contact_email) = @_;
     my $msg;      my $msg;
     if ($error eq 'invalid') {      if ($error eq 'invalid') {
         $msg = &mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc).&mt(' Please <a href="javascript:history.go(-1)"><u>go back</u></a> and try again.');          $msg = &mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc)
                 .' '.&mt('Please [_1]go back[_2] and try again.','<a href="javascript:history.go(-1)"><u>','</u></a>');
     } else {      } else {
         if ($error eq 'missing') {          if ($error eq 'baduseremail') {
               $msg = &mt('The e-mail address you provided does not appear to be a valid address.');
           } elsif ($error eq 'mismatch') {
               $msg = &mt('The e-mail address you provided does not match the address recorded in the LON-CAPA system for the username and domain you provided.');  
           } elsif ($error eq 'missing') {
             $msg = &mt('A valid e-mail address was not located in the LON-CAPA system for the username and domain you provided.');              $msg = &mt('A valid e-mail address was not located in the LON-CAPA system for the username and domain you provided.');
         } elsif ($error eq 'authentication') {          } elsif ($error eq 'authentication') {
             $msg = &mt('The username you provided uses an authentication type which can not be reset directly via LON-CAPA.');              $msg = &mt('The username you provided uses an authentication type which can not be reset directly via LON-CAPA.');
         }          }
         if ($contact_email ne '') {          if ($contact_email ne '') {
             my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"');              my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"');
             $msg .= &mt(' You may wish to contact the <a href="/adm/helpdesk?origurl=[_1]">LON-CAPA helpdesk</a> for the [_2] domain.',$escuri,$domdesc);              $msg .= '<br /> '.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for the [_3] domain.'
                                    ,'<a href="/adm/helpdesk?origurl='.$escuri.'">','</a>',$domdesc);
         } else {          } else {
             $msg .= &mt(' You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',Apache::lonnet::perlvar{'AdminEmail'},$domdesc);              $msg .= '<br /> '.&mt('You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc);
         }          }
     }      }
     return $msg;      return $msg;
Line 216  sub reset_passwd { Line 240  sub reset_passwd {
     if (($data{'time'} =~ /^\d+$/) &&       if (($data{'time'} =~ /^\d+$/) && 
         ($data{'username'} ne '') &&           ($data{'username'} ne '') && 
         ($data{'domain'} ne '') &&           ($data{'domain'} ne '') && 
         ($data{'email'}  =~ /^[^\@]+\@[^\@]+$/) &&           ($data{'email'}  =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) && 
         ($data{'temppasswd'} =~/^\w+$/)) {          ($data{'temppasswd'} =~/^\w+$/)) {
         my $reqtime = localtime($data{'time'});          my $reqtime = localtime($data{'time'});
         if ($now - $data{'time'} < 7200) {          if ($now - $data{'time'} < 7200) {
             if ($env{'form.action'} eq 'verify_and_change_pass') {              if ($env{'form.action'} eq 'verify_and_change_pass') {
                 my $change_failed =                   my $change_failed = 
   &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);      &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);
                 if (!$change_failed) {                  if (!$change_failed) {
                     my $delete = &Apache::lonnet::tmpdel($token);                      my $delete = &Apache::lonnet::tmpdel($token);
                     my $now = localtime(time);                      my $now = localtime(time);
                     my $domdesc =                       my $domdesc = 
                         $Apache::lonnet::domaindescription{$data{'domain'}};   &Apache::lonnet::domain($data{'domain'},'description');
                     my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3].  If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n";                      my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3].  If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n";
                     my $result = &send_mail($domdesc,$data{'email'},$mailmsg,                      my $result = &send_mail($domdesc,$data{'email'},$mailmsg,
                                             $contact_name,$contact_email);                                              $contact_name,$contact_email);
Line 236  sub reset_passwd { Line 260  sub reset_passwd {
                     } else {                      } else {
                         $msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'});                          $msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'});
                     }                      }
                     $msg .= '<br /<br />'.&mt('<a href="/adm/login">Go to the login page</a>.');                      $msg .= '<br /><br />'.&mt('<a href="/adm/login">Go to the login page</a>.');
                 } else {                  } else {
                     $msg .= &mt('A problem occurred when attempting to reset the password for your account.  Please contact the [_1] - (<a href="mailto:[_2]">[_2]</a>) for assistance.',$contact_name,$contact_email);                      $msg .= &mt('A problem occurred when attempting to reset the password for your account.  Please contact the [_1] - (<a href="mailto:[_2]">[_2]</a>) for assistance.',$contact_name,$contact_email);
                 }                  }
Line 256  sub reset_passwd { Line 280  sub reset_passwd {
   
 sub create_passwd {  sub create_passwd {
     my $passwd = '';      my $passwd = '';
     my @letts = ("a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z");      my @letts = ("a".."z");
     for (my $i=0; $i<8; $i++) {      for (my $i=0; $i<8; $i++) {
         my $lettnum = int (rand 2);          my $lettnum = int(rand(2));
         my $item = '';          my $item = '';
         if ($lettnum) {          if ($lettnum) {
             $item = $letts[int( rand(26) )];              $item = $letts[int(rand(26))];
             my $uppercase = int(rand 2);              my $uppercase = int(rand(2));
             if ($uppercase) {              if ($uppercase) {
                 $item =~ tr/a-z/A-Z/;                  $item =~ tr/a-z/A-Z/;
             }              }
         } else {          } else {
             $item = int( rand(10) );              $item = int(rand(10));
         }          }
         $passwd .= $item;          $passwd .= $item;
     }      }
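Review bot: In `handler`, the new `useremail` branch answers with distinct pages for `'mismatch'`, `'missing'` and a sent token, so an unauthenticated requester can still confirm which e-mail address belongs to a username even though the `send_token` hunk stops echoing the address (and `'invalid'` / `'authentication'` likewise reveal whether the account exists and how it authenticates). Consider giving the match, mismatch and missing outcomes one neutral response, for instance the same wording for `'mismatch'` and `'missing'` in `invalid_state` that also matches the "message sent" text, and recording the real reason only in the server log. In the same hunk the lookup loop still stops at the first value matching the loose `/[^\@]+\@[^\@]+/` while the test after it uses the anchored pattern, so a malformed first entry hides a valid later one and yields `'missing'`; use `if ($email =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {` inside the `foreach` as well, and note that `$useremail eq $email` is case-sensitive. `create_passwd` in the last hunk still builds the temporary password from `rand()`, which is not a cryptographic generator; how `temppasswd` is consumed is not visible on this page, so confirm whether it has to be unguessable. The bodies of `handler`, `reset_passwd` and `create_passwd` continue outside the lines shown.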
